868097a2c56098587d0939ee19131951_JaffaCakes118 | Triage

Sharing

General

Target

868097a2c56098587d0939ee19131951_JaffaCakes118
Size

109KB
MD5

868097a2c56098587d0939ee19131951
SHA1

206da9e4a557352622c1dcaba1fa3cc66c67d913
SHA256

694d7c7497f54a209d0082512c6786360a6d2362da9608eb328ee0338a83c71b
SHA512

42fad12ecfac0bf58de22c4e0052c0f727e50a167320802203b068395841cfbf27e9ab60bb786fd669720e8132cd83fa7951536a3d07b6ca862a0e85f365954b
SSDEEP

3072:JxU74j6TfClOzmPrjr2UIYPxnsk9KfKTtj6+RTrnX:JxU7+6TfClO4rX2cPxsk97TtjzfnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
868097a2c56098587d0939ee19131951_JaffaCakes118

Files

868097a2c56098587d0939ee19131951_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71ef7fcfb4cabb0dd02146dbe53e8805

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
LZCloseFile
LZClose
Module32FirstW
ReadProcessMemory
FlushConsoleInputBuffer
VDMConsoleOperation
LocalHandle
SetProcessWorkingSetSize
CancelTimerQueueTimer
GetLongPathNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 85KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE