73de2c17b35be966af65d66f792909d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73de2c17b35be966af65d66f792909d8_JaffaCakes118
Size

111KB
MD5

73de2c17b35be966af65d66f792909d8
SHA1

d407a548f77329a1184af90b21d8a543fc2c0da7
SHA256

4aec32678228fdf1b3d8ecd78cb9c3aab28cfd105c37e956d0ab96860f420db3
SHA512

9fdfcbfda2605b201a2ee0bc9ef1b77c8a4ce752a7d60b9cb07cb47870dba00553477897143a3d69081edfbdf05b60e01621523fcc3f0a3556236aeb6facbe74
SSDEEP

3072:Q4h+zr1blMUroxlWWMRjBkMqhGKZTb8V:Q4h+/pllzWWibZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73de2c17b35be966af65d66f792909d8_JaffaCakes118

Files

73de2c17b35be966af65d66f792909d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9da494b60f7787203cc88710ce30b0c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleTextAttribute
DisableThreadLibraryCalls
GetBinaryType
Heap32First
BaseCleanupAppcompatCacheSupport
OpenMutexW
ReplaceFileW
GetNlsSectionName
WaitNamedPipeW
SetFileAttributesA
EnterCriticalSection

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 55KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE