6a561c9abeae088798bc052393c8ad8d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a561c9abeae088798bc052393c8ad8d_JaffaCakes118
Size

112KB
MD5

6a561c9abeae088798bc052393c8ad8d
SHA1

ad7ca0c2cde987a7c7004f31526f686d2a794c24
SHA256

45ca545a51f2840424a79355a47131ab37f66cfec87879fa3b016dd0d3c0d3f1
SHA512

c41e0c2919db0be7251ec7d6cbc16af63f548feb91074150167bd6b860f087acec3957f8a5b865a83b6be2b416543b4f1aab3bc66d72999e85704ca4438920ba
SSDEEP

3072:OsDC/UEOpFXxan1XW2y1/CJH/5sfPyu4T3:OsDC/U9pFXxIm2v7sfPLm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a561c9abeae088798bc052393c8ad8d_JaffaCakes118

Files

6a561c9abeae088798bc052393c8ad8d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5374be976bec5351e1405026b6d72ec6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
lstrcmpiW
Sleep
ExitProcess

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE