8215b0742d0da0422d17c66162fa6227_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8215b0742d0da0422d17c66162fa6227_JaffaCakes118
Size

83KB
MD5

8215b0742d0da0422d17c66162fa6227
SHA1

25277aea78bad6fe3956caf72a79645631fa7e60
SHA256

6c6f9a321e66ce945444dc6040fd0129666037f54b4da158f8890a16bee94a65
SHA512

4f05764d1f96a637555b2b3e4a3856375fdce9c6f68d7e2338c51a6b0b9d5aca6cf0a3147ed292e3126f559c17e0bf7cb3aa2cc9ff30060d56ac0af4eb23fcfb
SSDEEP

1536:xsVfsgqcIl8CuHmbNzII8FE9I/uR22Lv2swts6b79HR4LEpjVrs2ryrd1vUQuqUL:uJdICN8uS9Io2yvwtNn/4LEHs2qV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8215b0742d0da0422d17c66162fa6227_JaffaCakes118

Files

8215b0742d0da0422d17c66162fa6227_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07d30b359923e7e6001162fa1073a7b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnWire
SetFilePointer
CreateVirtualBuffer
IsWow64Process
GetLogicalDriveStringsW
GetComPlusPackageInstallStatus
GetStdHandle
BaseDumpAppcompatCache
GetSystemDefaultUILanguage
DeleteFileW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE