75df6e2c8de2a084836b6066d21f7752_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75df6e2c8de2a084836b6066d21f7752_JaffaCakes118
Size

375KB
MD5

75df6e2c8de2a084836b6066d21f7752
SHA1

0f2b34c0a24f300226eb0d447c0ee0cff0cdefb1
SHA256

c34b71b285879f887497e0b0a18123dac47f89e08f7dec7aef5f305f93a54439
SHA512

426bd57d5e54cc5e81bcbce89fc39afbc38e0d4df7e1fd36ca17cef14806a188f3e5297047241e8212e01a9a332c631968a64bc71ae1712b78c2d8011b9e44d4
SSDEEP

6144:KKbPECt1yxxKF9erh2x3npmwvQQnEjKkWe8jSDsW3Ba86Vn:DrECt1yPKi2F0w4R9WdSDd3Box

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75df6e2c8de2a084836b6066d21f7752_JaffaCakes118

Files

75df6e2c8de2a084836b6066d21f7752_JaffaCakes118
.exe windows:4 windows x86 arch:x86

284d5b802d1cbddb688f34d5204e1a80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

IsBadWritePtr
SetVDMCurrentDirectories
DeleteAtom
NlsGetCacheUpdateCount
HeapFree
SetVDMCurrentDirectories
VirtualAlloc
FindNextFileA
TerminateJobObject
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

itext
Size: 4KB - Virtual size: 1020KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: 349KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ