72b58a2c038fea8273b8f1a9a85052a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72b58a2c038fea8273b8f1a9a85052a9_JaffaCakes118
Size

304KB
MD5

72b58a2c038fea8273b8f1a9a85052a9
SHA1

7cb03f550b2ef9576e15849c7078bc0c721f2b42
SHA256

6aa884b8d40c7d8f93dc88763374c97b55b235a53aab6105fd48ec66235b7385
SHA512

3591fbd7c2d1a3f3124c58676aa2af74af9450995879c64e89d9e1a3b12c1d72b5e436d83934fed104106552ad2ff5f4039e864484b8e6e44c36faab710634fc
SSDEEP

6144:6SCUEGQTC4YSGXr2Cr/5wtEJplTvVMcDEwxWZ6m:jGLTuPXr24/mto9vVh4Nr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72b58a2c038fea8273b8f1a9a85052a9_JaffaCakes118

Files

72b58a2c038fea8273b8f1a9a85052a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ace29731baca54d39ad0fd5713645e4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetStringTypeW
HeapReAlloc
FlushFileBuffers
TlsSetValue
GetFileType
MultiByteToWideChar
WriteFile
GetConsoleMode
ReadFile
LockResource
lstrlenA
CreateThread
QueryPerformanceCounter
SizeofResource
CreateFileW
ExitProcess
VirtualAlloc
GetCommandLineA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ