83011ab0a6590fb6006fe154103733e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83011ab0a6590fb6006fe154103733e1_JaffaCakes118
Size

137KB
MD5

83011ab0a6590fb6006fe154103733e1
SHA1

bf7702bc77010dce4c9a4de7be2d3123e3917f70
SHA256

272f782f4d91777e830c0590d054e8ddad13c82a3f0144cf1c851c9e0c5046a7
SHA512

1e284b0e08113da445d12868a462ff2a60494759b8bd04bf6353929a68974fe71a207dd4f69b43326d171dbfcb545af7a870294e097241c6ffa3d6edf512dca4
SSDEEP

3072:XoBVHeHkIKwt2CYkaOx3RoNx1Tc/CZ2Ub:Xg/IvLx3S1+C0Ub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83011ab0a6590fb6006fe154103733e1_JaffaCakes118

Files

83011ab0a6590fb6006fe154103733e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

670c7af6a41a1bc293de8267478c3ea9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

VirtualAlloc
SetFileTime
OutputDebugStringA
CreateFileA
WriteProcessMemory
UnmapViewOfFile
WaitForSingleObject
OpenProcess
WriteFile
VirtualFree
GlobalAlloc
DeleteFileA
FreeLibrary
VirtualAllocEx
ExitProcess
SetEndOfFile
CreateFileMappingA
CloseHandle
GetProcAddress
CopyFileA
ReadFile
CreateRemoteThread
SetFilePointer
GlobalFree
MapViewOfFile
GetFileTime
VirtualFreeEx
LoadLibraryExA
GetFileSize
LoadLibraryA

ntdll

NtQuerySystemInformation
RtlAdjustPrivilege
NtReadFile

Sections

.rdata
Size: 1024B - Virtual size: 1022B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE