6f49e3e80dd38c361395412bf61ec4bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f49e3e80dd38c361395412bf61ec4bd_JaffaCakes118
Size

229KB
MD5

6f49e3e80dd38c361395412bf61ec4bd
SHA1

53b101bf0651970584090781c66d5dd2f0206b34
SHA256

9e472581a3e996e6fe18851c0771c846c7efb419755f8c6930c7b0094a4c4439
SHA512

de70e5da375204da4b158a334354bcb9cdf76f24dd123e052e6d7fa9974e031b20a5f52b768667b9a440aeeeee896e3a016e8d9eb3e63b66478834ce53dadf1d
SSDEEP

6144:HYCbU7tW99HuKxvmBeD61vkwzz/cfi6RQ6FBn:4Cx9Zz1mQ0Ai+Db

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f49e3e80dd38c361395412bf61ec4bd_JaffaCakes118

Files

6f49e3e80dd38c361395412bf61ec4bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7da3ad59e202070650b72193955b7ae1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualAlloc

Sections

.text
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ