679539493a3a4b5d17c704e96ff004f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

679539493a3a4b5d17c704e96ff004f6_JaffaCakes118
Size

48KB
MD5

679539493a3a4b5d17c704e96ff004f6
SHA1

ee4cbb6480430ad30d3f72217c728bdcc7f63f3c
SHA256

1103eecf7d4d08083a1e260a485c21c413883a3ddae2ec9cecc55d3d562d26b1
SHA512

e9d63b40c3a3142a3ac37e4a287ee3927d504caad06e27386e682e269eddb86fcd0b02cd8cabd8b44171c83d958a3be4e8a81e500d682a591aaf97bdd6f7d313
SSDEEP

768:I7GH0YMEp65XzlkaWh3rCQIxw72RY6sIzVZkX4QRj7ZOdlxxHfNV8ea:gBmrNIS71IzVw7ZMlXNV8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
679539493a3a4b5d17c704e96ff004f6_JaffaCakes118

Files

679539493a3a4b5d17c704e96ff004f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc9d138c04019f824893df42d4c131de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BindIoCompletionCallback
CreateProcessW
GetPriorityClass
_lwrite
InitAtomTable
CopyFileW
HeapUnlock
GetDllDirectoryW
CheckNameLegalDOS8Dot3A
DnsHostnameToComputerNameW
VirtualFreeEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE