72e4af029dd4bc23dfc44aafef4c0d3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72e4af029dd4bc23dfc44aafef4c0d3a_JaffaCakes118
Size

56KB
MD5

72e4af029dd4bc23dfc44aafef4c0d3a
SHA1

d8016b5789265816afff0111c9ae4ee969c160c8
SHA256

cfa07566929953ffbff5c2d7071871158d750b926c2852ac9d62230d4f8980d9
SHA512

161e1c285338e1f24f71a7eb05ea25920e4d7f5aef5d82b8102935fa8ea9b5fd8f3f272efea9d49b4f5d28cdfaecfc4f22ade426a3c2df693308160b65523ea3
SSDEEP

768:TYtnvx4VgrWg6/DhF8Se8b337mLB30JQO+3fOXM6O7Z5bn5pe+VOPrPJTfr97IjS:T6vx4cendjiOsWXM7bzOzBTfr+HvW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72e4af029dd4bc23dfc44aafef4c0d3a_JaffaCakes118

Files

72e4af029dd4bc23dfc44aafef4c0d3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

163e0366f9574a2142d9f26ab3003426

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocaleInfoA
GetComputerNameExA
IsBadHugeWritePtr
GetStartupInfoW
ActivateActCtx
GetProcessWorkingSetSize
CreateSemaphoreW
ReadConsoleInputW
EnumUILanguagesW
CopyFileExA
GetVersionExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE