59d16f46cda113a5f82d22c2ea6ad38c_JaffaCakes118 | Triage

Sharing

General

Target

59d16f46cda113a5f82d22c2ea6ad38c_JaffaCakes118
Size

168KB
MD5

59d16f46cda113a5f82d22c2ea6ad38c
SHA1

61688e1935b89edf0047610a0501820b5f593c8b
SHA256

15ba5de7c54ec71b5d39365706175cbe04dd8ed084fec7e4d4ffdb4d9bfacc2d
SHA512

6e7377d6a91a72d6325da94ffeee3f9f757b508106fe7790e5334826532fab60172e13f3483ee6f91f9628cd924338ccaf0f1be0f9b352a661cd1e45362d174e
SSDEEP

3072:Es7dxMdxw6JY8AFezwdx+Aw5ad18EQmSWSPx3lrhCYB8EYtFo7z+/m0Q:Es7dxEA8AFezwzXki1tVSPxthCYB8EMs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d16f46cda113a5f82d22c2ea6ad38c_JaffaCakes118

Files

59d16f46cda113a5f82d22c2ea6ad38c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22aa25a9dbb99211db866b1a30897dd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
ReadFile
VirtualProtect

user32

wsprintfA
wvsprintfA

Sections

@#WSBrA,
Size: - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pi*;j6[I
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

*rgbGO0$
Size: - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RE-8[08w
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

`<Z_cf*'
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE