8a0efe5588d30432f179616e75a0774c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a0efe5588d30432f179616e75a0774c_JaffaCakes118
Size

66KB
MD5

8a0efe5588d30432f179616e75a0774c
SHA1

13a9a2a4436f04406cb95533f9762a396c873100
SHA256

8ff467ed133fc02c212eb2addd15510c6926992e26982f400818675d432414fc
SHA512

d32af6a24323e3e9c8b2bc8d29a511c3d9552def66170df8944bdbd14d9107012cc847a8816bf2f568f99d4e798d18ba031cfbfa3e2169203fe601cb6eb7c853
SSDEEP

1536:k2/YvFu0EkQ5wadbZRolBVrSH71s7uEyF8KTNxWV/:k2QLEkQSaZTolBFSb1hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a0efe5588d30432f179616e75a0774c_JaffaCakes118

Files

8a0efe5588d30432f179616e75a0774c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f37842a71924e6bcaf7be37208ea72c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
CreateMutexW
VirtualUnlock
NlsConvertIntegerToString
BaseDumpAppcompatCache
FlushConsoleInputBuffer
GetDefaultCommConfigA
GetSystemWindowsDirectoryA
SetTapeParameters
CreateNamedPipeA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE