83b95ba01cf6f199c508ee01acab8fd7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83b95ba01cf6f199c508ee01acab8fd7_JaffaCakes118
Size

1.5MB
MD5

83b95ba01cf6f199c508ee01acab8fd7
SHA1

1658646d5d6feabd78b2e069e668fe373ba142f8
SHA256

4cf3d02c02aac5bff8263058d7c97284a04a3e2bbf9fa2b7e235124d94d8bd9d
SHA512

62085e829dd9ee5e2a9faf09e4bc9dda76b5fa950e1101e01bf3d425a6da993dd07c5d9c166f74123c3b7de8ef00671c014d4ce5bfc06e7c4cd4584d66258362
SSDEEP

24576:lqUuHU9wrUGzL1zElReOITAb7TEADqw2OHQqzKiCGb:lqnMwrUGzLVwNIT0EWqwPHZmiCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83b95ba01cf6f199c508ee01acab8fd7_JaffaCakes118

Files

83b95ba01cf6f199c508ee01acab8fd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

871149f918b966d0646ca35ee08aef40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetVersion
GetModuleHandleA
GetCurrentThread
GetModuleHandleW
GetTickCount
GetCurrentThreadId
GetUserDefaultLCID
GetSystemDefaultLCID
GetLastError
GetUserDefaultLangID
VirtualAlloc
LeaveCriticalSection
FindFirstFileW
TlsGetValue
FindClose
SetUnhandledExceptionFilter
SetErrorMode
WriteFile
GetConsoleOutputCP

Sections

.text
Size: 351KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ