6126345a85859c430464679a10de0341_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6126345a85859c430464679a10de0341_JaffaCakes118
Size

63KB
MD5

6126345a85859c430464679a10de0341
SHA1

e152d071aa4417a5ee1709cf46dc3a193baf4434
SHA256

13fa82938a07230879d1b56fa541ca42410476e1e08e5b07b16fcedebe59bfc6
SHA512

1d202016283eec1896bc1553d1e7b3f6d53f6d7d2f35531e2dab6c5a1ba5977ec717ccf5945c7b93d55419d421cd1453424e928457d559ef3ea6734e25872132
SSDEEP

1536:E4rQsUaQHqsmHAfxDSNzTFn0Tk3xeC/e14UN72g2j:E8QsU/qs1fxWN/Fntx1w57Oj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6126345a85859c430464679a10de0341_JaffaCakes118

Files

6126345a85859c430464679a10de0341_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c90b1d753f0dd9eb83cd89f4655ee264

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreatePipe
GlobalGetAtomNameA
GetNativeSystemInfo
FindFirstChangeNotificationW
WritePrivateProfileStringA
GetPrivateProfileSectionW
FlushConsoleInputBuffer
GetTimeZoneInformation
EnumResourceNamesW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE