89629baa58547ed24b6e589f003acb7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89629baa58547ed24b6e589f003acb7a_JaffaCakes118
Size

62KB
MD5

89629baa58547ed24b6e589f003acb7a
SHA1

b97fde03fbbefe50c4b1714bd965eb6da75e5e58
SHA256

534bb7af7afe517af3b6e3276afdc0d75f4b6c85046d6ebdab98903d6754f2b8
SHA512

a7fb7937272e97fb77269b6e7aa55595054232b8f9c15494ff016fe51fe423f0662bf26f339c254f2ec33d6021fe87e5bb2031efe6b5a80b931b45a192f02a12
SSDEEP

1536:+Dg+oorQWivU153Zjui4OJe2CH6zQBhsnmNlf7V:+sZAQWMoJpoBzl7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89629baa58547ed24b6e589f003acb7a_JaffaCakes118

Files

89629baa58547ed24b6e589f003acb7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4874d5838aab24b3806be5fbcd8c14fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumUILanguagesW
FreeUserPhysicalPages
Heap32First
lstrcpyW
GetSystemTime
GetConsoleFontInfo
LoadLibraryW
GetSystemTimes
CreateMutexW
lstrcpyn
FreeEnvironmentStringsA
SetProcessAffinityMask

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE