4a8b9b16502d4a7f9fc77f733115bebb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a8b9b16502d4a7f9fc77f733115bebb_JaffaCakes118
Size

83KB
MD5

4a8b9b16502d4a7f9fc77f733115bebb
SHA1

64441ec3c78583e1848792bb461eac956cf99997
SHA256

86399c91a181b0c64bef39b9b4eb2f5d365fd5b82212bef08c1984379cb1b869
SHA512

821606778ec5a8a5ec56e4e3958a78c89aa1896b6d73421d6d196ffb17ff21a6a2feef62738b0184bd40e38b56e24bf1fa4e22e2aa4b3cb0e05cec3a2236bb4e
SSDEEP

1536:WYaaoU0ygbf01+qVuwO6Rrja9EPpWvupjVrs2ryrd1vUQuqwcizSkX:WYapTrzjg8iW2Hs2quciu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a8b9b16502d4a7f9fc77f733115bebb_JaffaCakes118

Files

4a8b9b16502d4a7f9fc77f733115bebb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eec689e96a7c1f2552440f06fda2836d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetBinaryTypeA
GetEnvironmentStringsW
CancelDeviceWakeupRequest
GetNumberFormatA
FindNextVolumeW
GetSystemRegistryQuota
OpenJobObjectA
GetProcessVersion
InitializeCriticalSection

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE