5ca53178d9ff8cc3b2682d522fe685ba_JaffaCakes118 | Triage

Sharing

General

Target

5ca53178d9ff8cc3b2682d522fe685ba_JaffaCakes118
Size

132KB
MD5

5ca53178d9ff8cc3b2682d522fe685ba
SHA1

12fa891f64fab610bb2a54d786bd10ec2838726e
SHA256

e02d73fa4c666857c76988b319fa2560519447f4d159441cbd571167366bb546
SHA512

f6a97ddaa3538ecdde0e08b4ec13156040da8f02869bc00d4639729a5bc25a6b2b1f375e193da2fd2a72b4c4304c0870d67dee7540be7ddb3aa6e75cc3bf8583
SSDEEP

3072:S5H8Erb9jHCth0VkEJY73e8xMitgGEoDjSmr:S5Xrb9jHCth0Vk4s3TW7oDGY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ca53178d9ff8cc3b2682d522fe685ba_JaffaCakes118

Files

5ca53178d9ff8cc3b2682d522fe685ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b047ca28f45a5e93abd6a92eb483b43c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationA
GetDriveTypeA
DeleteFileA
IsValidCodePage
SetVolumeMountPointA
HeapValidate
IsBadHugeReadPtr
GetComputerNameExA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ