76cea2c32cbe866d5890e10d5ddbc996_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76cea2c32cbe866d5890e10d5ddbc996_JaffaCakes118
Size

115KB
MD5

76cea2c32cbe866d5890e10d5ddbc996
SHA1

81a61f72c6b9c8742d1908dd3b2f686711923799
SHA256

312975a5597cb73f3e8b90e2d9cabc1991eeff9a6ed0c3bce7f48e7acd4f4f2d
SHA512

1317d46b532b59322a0971234e2d5f0f85711e984546b14e32a613785c25d2d27996d15638960842cad58696bb50b765917f7c045662ca247d9e22b90af8e055
SSDEEP

3072:ZyASDuS3mYUvBw4C+miuMtDV+BrQCkDm8adYD/Z8T+:gmzJz7DpaiD/4+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76cea2c32cbe866d5890e10d5ddbc996_JaffaCakes118

Files

76cea2c32cbe866d5890e10d5ddbc996_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cc2015a2c57d8653c370280c47efc84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterConsoleOS2
RtlUnwind
MoveFileExA
RemoveLocalAlternateComputerNameA
ExpandEnvironmentStringsA
GetLargestConsoleWindowSize
IsBadHugeReadPtr
_lopen
GetProcessIoCounters
ValidateLocale

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE