826fbef00384ed8755a478639d1cf478_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

826fbef00384ed8755a478639d1cf478_JaffaCakes118
Size

56KB
MD5

826fbef00384ed8755a478639d1cf478
SHA1

bc3333dd28c22ca7ca5b40294d0639e1fe6e757c
SHA256

8623fe2771f6e1aad28d07db4ba774b3a3621d0860c665107f8e2f4692d4ea1e
SHA512

27a945571bf24016991d3ea049baae8a00d4a1d2724523dacccab9b894d327c542dc602ddad76ad2775177cba0017d426faad0baf2c0aa3e903403e2b9775f10
SSDEEP

768:2zKKtekKCvPJr98czfYX+pOP18JyOPbQ5q7qZEegm9GSOS5Q4miYn3br92xq/+ZG:21tBFb7qZ/bg9SBmvn4w84aK8sA16

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
826fbef00384ed8755a478639d1cf478_JaffaCakes118

Files

826fbef00384ed8755a478639d1cf478_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e73eb813792e7de56f485eefc799108

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsA
CreateProcessA
GetProfileIntA
GetPrivateProfileIntA
GlobalWire
SetTimeZoneInformation
GetExitCodeProcess
DeleteFileW
GetNumaProcessorNode
EnumSystemLocalesA
DeleteTimerQueueTimer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE