70bc074fcad11b4652c4ddbd9ec0b42c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70bc074fcad11b4652c4ddbd9ec0b42c_JaffaCakes118
Size

63KB
MD5

70bc074fcad11b4652c4ddbd9ec0b42c
SHA1

2dcc2397d3893cf617d71c6c622b5843c9f3e939
SHA256

1162894e4c63c9a2482dcd2196dc040aab3e54b1e8da73bb0b2407ac56952cb0
SHA512

615281f1c1e14c6b5f0d75779ed3ddfe14caa557c7d15046c4d7d154751af7cdc3dfe23fc6de86907c125f384bde6bfed4cea4131eda962cb92294aa08a797d5
SSDEEP

1536:Puw48aJ79xJwDgsCDgIAgLpwLjtuKCmtH21:PaJfygRAgLuvW1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70bc074fcad11b4652c4ddbd9ec0b42c_JaffaCakes118

Files

70bc074fcad11b4652c4ddbd9ec0b42c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49332b9d9db78553c4b8f8a2a33e43a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Toolhelp32ReadProcessMemory
GetComputerNameExA
FindAtomW
ChangeTimerQueueTimer
EnumResourceLanguagesW
GetCommMask
AllocateUserPhysicalPages
HeapSetInformation
NumaVirtualQueryNode
GetUserDefaultUILanguage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE