71d3deadb015044649f0fac8df4d6186_JaffaCakes118 | Triage

Sharing

General

Target

71d3deadb015044649f0fac8df4d6186_JaffaCakes118
Size

42KB
MD5

71d3deadb015044649f0fac8df4d6186
SHA1

6aa1571232360b3005934dcbc6eef6b9093ec5c1
SHA256

5ce485b1b8c67d28bdda6cb521c10908dab5b9bb23dd7beb24c07c9edf9dcbab
SHA512

c7b6b2ec81d3fdd8f609c1b1a2cf0092fd3f87168c2b41230e601e081c9be8e9568347027d0f2586c3c6e85c63d91c370829c4871b36cb5f7af9e4887a7ce100
SSDEEP

768:iq6t8zgbNXxmyJ3/rLC373+YCOPvxNCdDXB/QyNJ0ZrJXoXOr:JsbNXDzL4LXCOPvxQTbL0Fm+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d3deadb015044649f0fac8df4d6186_JaffaCakes118

Files

71d3deadb015044649f0fac8df4d6186_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a615103bc0c46270241eb6c7ca88a2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
UnregisterWait
EnumerateLocalComputerNamesA
GetProcAddress
GetProcessIoCounters

user32

DispatchMessageW
CreateWindowExA
MapWindowPoints
DrawIcon
PostMessageA

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 513B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ