6ff0cec88775d4e40c302b0283521bed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ff0cec88775d4e40c302b0283521bed_JaffaCakes118
Size

27KB
MD5

6ff0cec88775d4e40c302b0283521bed
SHA1

8bba2214ef670938a5df66aa12fc244409f2d711
SHA256

c6b29dc50f44495c072542dcccdcbac71bc769b1a1134c8053d3e075bfe592fb
SHA512

b1de5bcad353bd0c9b7d02cb72be02f9ce4c4e3833673a8bb9c4c879d20991a0bfe45f3e84107bdd1cfb296d709984ae3fc8fcd405f4d0f23f4e039041fa6757
SSDEEP

768:B4iLshatOccl8MPcynrt2Ma2w+sAy6KrpkpQ:B4iLshar6/TVc+sAyxkp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ff0cec88775d4e40c302b0283521bed_JaffaCakes118

Files

6ff0cec88775d4e40c302b0283521bed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb39b1bc16ab700195d854798f550a0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
DeleteFileA
WriteFile
ReadFile
CreateFileA
IsValidLocale
GetThreadLocale
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree

msvcrt

memcpy

mprapi

MprConfigGetFriendlyName

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 342B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ