824de6d294762e500cc3262c96f34c86_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

824de6d294762e500cc3262c96f34c86_JaffaCakes118
Size

1.5MB
MD5

824de6d294762e500cc3262c96f34c86
SHA1

6f775a71ee72c44a8ebdee86a366db009afe67d9
SHA256

3df890b54387f7c36288d2d34981dc2cb567cc1a6fbdbd47f4e0d3ab84eacca4
SHA512

bf5c4fe8ed9bb7f97be07fc88d2eeab50d5ca1e975cf6ef066fd212d820750410f96303ed480c57ad1852beab935c2e31af550cc507f88b91c11cbd451e6c0c4
SSDEEP

24576:lqUuHU9wrUGzL1zElReOITAb7TEADqw2OHQqzKiCGm:lqnMwrUGzLVwNIT0EWqwPHZmiCN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
824de6d294762e500cc3262c96f34c86_JaffaCakes118

Files

824de6d294762e500cc3262c96f34c86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

871149f918b966d0646ca35ee08aef40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetVersion
GetModuleHandleA
GetCurrentThread
GetModuleHandleW
GetTickCount
GetCurrentThreadId
GetUserDefaultLCID
GetSystemDefaultLCID
GetLastError
GetUserDefaultLangID
VirtualAlloc
LeaveCriticalSection
FindFirstFileW
TlsGetValue
FindClose
SetUnhandledExceptionFilter
SetErrorMode
WriteFile
GetConsoleOutputCP

Sections

.text
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ