86d6f1ce64d269561b898c41cbed3a0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86d6f1ce64d269561b898c41cbed3a0c_JaffaCakes118
Size

94KB
MD5

86d6f1ce64d269561b898c41cbed3a0c
SHA1

81087aec56d009c35ecd2dcedfab12a7829f7334
SHA256

94cdf4bcf72ab04658c98aa0577e281601dd9161bc5cfc04977215e9c6cfff7f
SHA512

1753c69c5978890f5ddcafef7dc28a17ec3e9b6c77da3d1d9ae4ccc3c38392a4377e32b65f946a30df478390090f5a25a0267b8adff4a4758400e1324f283a71
SSDEEP

1536:I4b5Z+Kr5+G9YDykLs4PQBlTH71vQuZqxc8YaEJwZK4/83ZoMOALF6SSf:I4bHr5+sYDBsZBN10xhZEXtpxLF6H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86d6f1ce64d269561b898c41cbed3a0c_JaffaCakes118

Files

86d6f1ce64d269561b898c41cbed3a0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1256a2e1e90a25c9cd87d0846f37f62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastConsoleEventActive
ConvertFiberToThread
ConnectNamedPipe
GetFileAttributesExA
FindNextFileW
GetProfileStringA
FindNextVolumeMountPointW
ChangeTimerQueueTimer
WritePrivateProfileStringW
GetHandleContext

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE