Static task: static1
Behavioral task: behavioral1
Sample: 86eb346ce4fdaa03ca1da1667823b183_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 86eb346ce4fdaa03ca1da1667823b183_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 86eb346ce4fdaa03ca1da1667823b183_JaffaCakes118
Size: 920KB
MD5: 86eb346ce4fdaa03ca1da1667823b183
SHA1: 5c876dd22b6674859290aa21730706dfe9317206
SHA256: e07e18d57e9867f3558e848df9daceff774822e4afaf1137bcae59334072c0ac
SHA512: 6112ff0a82b8e92eaf3e8983f2913f3d29b0709cae87b77a50ef8215ee44598544a80a823d7b256533174a34afb071045dedca979b09e7d0057b168e99b03537
SSDEEP: 24576:sG+msZt82Gzhkpf9uRHsv0RzY5K06kufb:sRtXGzKF9uRHss1Y5cfb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 86eb346ce4fdaa03ca1da1667823b183_JaffaCakes118
Files
86eb346ce4fdaa03ca1da1667823b183_JaffaCakes118.exe windows:5 windows x86 arch:x86
4582ffdd7eb98cb63a937096204182b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
LoadLibraryW
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xcpad Size: - Virtual size: 1.2MB
.idata Size: 1024B - Virtual size: 626B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ