830cb26c0dde559d9b24491ad344f4fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

830cb26c0dde559d9b24491ad344f4fb_JaffaCakes118
Size

56KB
MD5

830cb26c0dde559d9b24491ad344f4fb
SHA1

c2d2ad4ec59fc68c201ce00c7ab7a69ebb478114
SHA256

7148fc498377a0c2617885b0382fa534262758963aafee347fb6e3928c6f74e4
SHA512

3c1fb5a6ced7d04382c4747f3f1fe2ebacc5a731b46151afe8ad7292d82ac72e79d57a6c76f1fbf047f5528c7b9904e5024f758616ec8b94698dca1dd635b719
SSDEEP

1536:Hw1olqqFhu6NPEK57lIYYjaquwQ1tT2l/:WwA6N8K57fWpurQl/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
830cb26c0dde559d9b24491ad344f4fb_JaffaCakes118

Files

830cb26c0dde559d9b24491ad344f4fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3171baa779a43d7f6821a3d73aa4c5ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFlags
CreateNlsSecurityDescriptor
RegisterWowBaseHandlers
LoadLibraryExW
GetSystemWindowsDirectoryW
GetProcessAffinityMask
GetProcessVersion
GetConsoleOutputCP
GetProfileStringA
GetLocaleInfoW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE