65587d758db9fef7d3805a82ff19649f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65587d758db9fef7d3805a82ff19649f_JaffaCakes118
Size

132KB
MD5

65587d758db9fef7d3805a82ff19649f
SHA1

2451d2bf3c4919f311b3c17888f8aefcf037181b
SHA256

829f80c20015da65c6e01e9ab65b4120ee0716433fe790d84e3213fe917fb036
SHA512

83d32803a51a74944e704cf160ab497ee90b615bbb604aed9fa73db563ab51008ba2f7a333965e962bcedeaba16a47dcccfc0b014e606769ef01639c2e6298ad
SSDEEP

3072:5mAT8ysufceYhYrB8mnFF8otRQxH32GLcfUNv:0A4xG4euHGGwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65587d758db9fef7d3805a82ff19649f_JaffaCakes118

Files

65587d758db9fef7d3805a82ff19649f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0762ce4dc7fcaa5c898853f1d2eee815

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
SetTapeParameters
LCMapStringA
BuildCommDCBAndTimeoutsA
GetExitCodeThread
RegisterWaitForSingleObject
ChangeTimerQueueTimer
AllocateUserPhysicalPages
GetCurrentThreadId
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ