48a697e50e9404b7f263ef2280c6f464_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48a697e50e9404b7f263ef2280c6f464_JaffaCakes118
Size

76KB
MD5

48a697e50e9404b7f263ef2280c6f464
SHA1

20d40a5f5adbbed516f07b4ad754cec573a0761c
SHA256

f690ea2192cee1fed4c96ec94f1e8b6349ed2c22a502a3c8606591456db2d948
SHA512

90bf424c118083a1a4af74f8b0258a38666f5fa311e70c08def71c8135b428f8f163672200dc0e7ba600a24911bba53e066a2c536bcf377458d5b768d980b72f
SSDEEP

1536:bC49DG8PzW8qjeMi1XDS72lGuN1Cv/Wxn9dhthVJjWjEErxTWDTMqhGKYIZTET8x:bx9y8P6xQXDo2dA/Wp9dXVWjBkMqhGKn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48a697e50e9404b7f263ef2280c6f464_JaffaCakes118

Files

48a697e50e9404b7f263ef2280c6f464_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6cfe3e91b8be56bd59cea2cf2b1b150

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetGeoInfoA
SetCommMask
BackupSeek
GetDiskFreeSpaceExA
VerifyVersionInfoW
InitAtomTable
CreateEventA
GetTempFileNameA
EscapeCommFunction
WritePrivateProfileSectionW
ReadFileScatter
lstrcatW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE