779470367c11dc950fbd9fa8c1a4c815_JaffaCakes118 | Triage

Sharing

General

Target

779470367c11dc950fbd9fa8c1a4c815_JaffaCakes118
Size

63KB
MD5

779470367c11dc950fbd9fa8c1a4c815
SHA1

01a463bbc9f1ed498578506d9e442c2074b50c00
SHA256

7455783579ba4d2637f24b6f256806937cd0b820ec83bd75e944b2c6110fbc59
SHA512

b1e1884ba58f9806fce2147cfe3aa09289b7da4979f7b9707e33d3c03c7dba4f768551bfabb2fbfa50d023e267ce6245d379c0d7c140e7da952b2431a6a3ce3c
SSDEEP

1536:X8IemmDZtbJLKvTYP2e6FUU8Cji2oNSGvsrDZO9J0WuyaDYKqzWpE0kmU:01CjihfK94KWiqzW5kx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
779470367c11dc950fbd9fa8c1a4c815_JaffaCakes118

Files

779470367c11dc950fbd9fa8c1a4c815_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e29b3223bc4ad40eab0cb2404d09131d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteTapemark
WritePrivateProfileSectionW
FindNextVolumeA
lstrcmpA
ReadConsoleInputExW
NlsResetProcessLocale
GetEnvironmentStringsW
FindFirstFileExA
GetSystemDefaultUILanguage
GetFullPathNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE