659b92a87a992473f7edc1c8d3a8c3d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

659b92a87a992473f7edc1c8d3a8c3d8_JaffaCakes118
Size

7KB
MD5

659b92a87a992473f7edc1c8d3a8c3d8
SHA1

dae3551b4e9b279602e9394cc5a1367f4f353444
SHA256

280ad08931264a212e1b7d2b7f1e435738bfa6c16e4bd557010d206c18992142
SHA512

30df05603d8810a91e6f908079a8d60f2ea417fd35751a162140708dfc4c291148a7d72427d118074bb804e9b190556317428fee8cbf3f128e6228def4ccc599
SSDEEP

96:PBxQsYmabxUnVCEAEWZHgxAAIVG+0cchNAVCnxdnIDS4RWdi:PBxQMayVCSygxAlG+G0pDSSk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
659b92a87a992473f7edc1c8d3a8c3d8_JaffaCakes118

Files

659b92a87a992473f7edc1c8d3a8c3d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f9bdcf444a9d2dde568fbadb6860fe6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
TlsGetValue
SleepEx
GetTickCount
GetCommandLineA
TlsSetValue
Sleep
HeapDestroy
GetStartupInfoA
QueueUserAPC
IsDebuggerPresent
GetVersionExA
TlsAlloc
CloseHandle
GetCurrentProcessId
TlsFree
CreateThread
lstrcpyA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE