4186d4017926ec5a4d75d92d2f771b5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4186d4017926ec5a4d75d92d2f771b5d_JaffaCakes118
Size

76KB
MD5

4186d4017926ec5a4d75d92d2f771b5d
SHA1

1f5f2419fd2a5e61971683dd12c253ce6a05537e
SHA256

592512640c1f0edf866169a6b684f2768368c6299d8349c301dd674f1b9c27d9
SHA512

812f69424b30aa7083fd7d67546229175cce0330cb53b516c295584fb6e1f641d6b17fcf12f1f0335e6a24e9fe76503d89e1e1a045d4120792f9553112411f59
SSDEEP

1536:aDvWm06gVmFoz6+A5edT4EXpFo6BDQqffIVzakxSXpP7LcFei7vfILCtJUJcPRP+:65EgLAAuilrqmLP83/exdjjBkMqhGKZ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4186d4017926ec5a4d75d92d2f771b5d_JaffaCakes118

Files

4186d4017926ec5a4d75d92d2f771b5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

494b4ed8d891d0111e1d73c8a9ae65cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomW
SetThreadLocale
MultiByteToWideChar
HeapReAlloc
SetSystemPowerState
GetNumberFormatA
OpenEventA
SearchPathW
FindNextVolumeMountPointW
GetPrivateProfileSectionNamesA
GetProcessShutdownParameters

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE