72ca31329f9d3185832a76ba5165a0cc_JaffaCakes118 | Triage

Sharing

General

Target

72ca31329f9d3185832a76ba5165a0cc_JaffaCakes118
Size

12KB
MD5

72ca31329f9d3185832a76ba5165a0cc
SHA1

66f210f5c8643e2ed24016f362decdb029c96052
SHA256

e8fd61136a3fa38a8e44692ee70bf23275bd8cf1bff406ba925eac2903c8c584
SHA512

ed99eb2b067315595a41e992a201649b7aefe5a7e982a029181d07b2f653f6d5bd331347a60d881c966a2959bdd2cd20102686eb07b25ed4c35d0641c0606f66
SSDEEP

192:nrBrxQrH7dBWgxAqpxqiWvnZOWgwrebBNb98FZ1jZsTaViJkB6uQGzzNea:rD+7dLLOiWvZ7rebBNb94jiJkB6l8N/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72ca31329f9d3185832a76ba5165a0cc_JaffaCakes118

Files

72ca31329f9d3185832a76ba5165a0cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30d66d6ee50cd7ccb5d641d6ae3b9229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32.dld

ExitPro#ess
LoAdLibraryA
lstrlenA
GetCurrentProcers
GetProcAddress
lstrcmpiA
CloseHandle

justtokenprivileges

HookupP2ivilegeValueA
OpenProcessToken

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 358B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE