59d2813a02b1d25153d5d0b009facf48_JaffaCakes118 | Triage

Sharing

General

Target

59d2813a02b1d25153d5d0b009facf48_JaffaCakes118
Size

83KB
MD5

59d2813a02b1d25153d5d0b009facf48
SHA1

60c512289435b50d8e59564e69a99048faf9ead1
SHA256

9c15ed4d07eff0ddee5bc28ef4e7893171c839b4652d92bd798a6e60cc01c850
SHA512

fa24c546b27f175521d011af014b92747459c3713338a8a48eda0afc59398b6b2ecf329cb8d538341ebcd964ab160fa6ac6dbc256eb348785a4c4afcfc8a009e
SSDEEP

1536:Go1MlbtiqUQrDk4UoEyaauzHK2aCpagFJgjEErxTWDTMqhGKYIZTET8bDQ:t8UCvEmuzBaOGjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d2813a02b1d25153d5d0b009facf48_JaffaCakes118

Files

59d2813a02b1d25153d5d0b009facf48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89372fb18f62680c81bf87a77b029fdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
OpenProfileUserMapping
BuildCommDCBAndTimeoutsW
GlobalFindAtomA
IsProcessInJob
CreateActCtxA
LZCopy
SetComputerNameExA
WriteConsoleOutputW
GetDefaultSortkeySize
GetUserDefaultUILanguage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE