59e80131f25dbbf95d8f0bf9d520c8b2_JaffaCakes118 | Triage

Sharing

General

Target

59e80131f25dbbf95d8f0bf9d520c8b2_JaffaCakes118
Size

87KB
MD5

59e80131f25dbbf95d8f0bf9d520c8b2
SHA1

4cf2dec19fac430ab67c56b212cb8687e61644c1
SHA256

d7d7cff083b1f173998de66a23e9735bbfcb638fe6444c77223520814c359775
SHA512

54472e0fa9e1eea5f5e7b86adc8d8327f79b32ff64d6c9f517ffe2a18c2e961874e9671f656a67625a709878349937aa4a094890039be43dc9a74d437172b52c
SSDEEP

1536:1TebBqky2V31hfHSglJyif7ilmtUtkvnYk9D7roqKnocXk/GmzoD2tBrPmhFiPWf:1ibBql2V3v/xDfOlmaCvf55iocU/Gmzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59e80131f25dbbf95d8f0bf9d520c8b2_JaffaCakes118

Files

59e80131f25dbbf95d8f0bf9d520c8b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cb0e0f12376a8684117d637f34a5bf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeMountPointW
GetThreadPriorityBoost
OpenJobObjectW
DeleteFileW
GetProcessShutdownParameters
TlsFree
SetConsoleNumberOfCommandsA
EnumCalendarInfoW
GetTapeStatus
GlobalWire
CreateFiberEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 129KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE