76e67cf6ae2bdeeebf93e8b0677f06fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76e67cf6ae2bdeeebf93e8b0677f06fe_JaffaCakes118
Size

94KB
MD5

76e67cf6ae2bdeeebf93e8b0677f06fe
SHA1

efc638e6d8b46aab575e43cb977dd21ce7026fcf
SHA256

14a930df6e85dd86b02f88b9eb0131a3ae33f7b5285df85410ad1d9c5cfbf6b8
SHA512

1dc3181ec9d5bfe53ffd0594a45062f09278b278a60dacd522c5677f1a01d4997562369f10287c2f5297ea7e22104242b65cf36f554b444d22cf0ecf2d8a300b
SSDEEP

1536:t977YPWu/vnFIZ988ynn0OTtnSOeUAL+NeywwTcsHXZpJIvVViSzWouV:t97QW0vnFIX88y7nSOewbYspsVzz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76e67cf6ae2bdeeebf93e8b0677f06fe_JaffaCakes118

Files

76e67cf6ae2bdeeebf93e8b0677f06fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40f18796abeb063b12d5d3ee833076f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomW
DeleteFileA
Sleep
VirtualAlloc
GetLastError
VirtualFree
ExitProcess

Sections

.text
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 217B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsfwer
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ