60365bd5209dcd4f6d92f5bcaaa13ce6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60365bd5209dcd4f6d92f5bcaaa13ce6_JaffaCakes118
Size

32KB
MD5

60365bd5209dcd4f6d92f5bcaaa13ce6
SHA1

644298a537333189c5b26734ac0923eb4be35029
SHA256

be65abcdf3da8c5d63656d4b7520bd8d772824a2298d9b630062ffa2e6e4301b
SHA512

2abaaafb8b7e10da9d18e068bd7d7020a7444676ee3e3869ea406eeacded935be99ffa39e8a82d8aceeb2b5fdf92b3c1f1c593af02b096301d8127a7cc61ee29
SSDEEP

768:SmK9BSp2B82r4IabOOeEM8HhaE3107MiP23y:g22B82rnqeETKz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60365bd5209dcd4f6d92f5bcaaa13ce6_JaffaCakes118

Files

60365bd5209dcd4f6d92f5bcaaa13ce6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe360d81f7dea9300c4070ac66fa2ec9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
ExitThread
FlushFileBuffers
GetCurrentThread
GetModuleHandleA
GetProcAddress
LoadLibraryA
ReadFile
Sleep
TerminateThread
VirtualAlloc
VirtualFree
VirtualProtect
WriteFile

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE