8a4571fe9df8f4c1127ff285ce4d4e8d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a4571fe9df8f4c1127ff285ce4d4e8d_JaffaCakes118
Size

76KB
MD5

8a4571fe9df8f4c1127ff285ce4d4e8d
SHA1

14fed63309b7f82a53bc84b0b0cad52f36a51145
SHA256

e3e615f313029dcd26faa974edbd408a5325fc620aa943e2b66c6c7f1ff08ed3
SHA512

db4782d138c1e7adbdaa599bfaff8d5101ffe49c69a2ea68b8c31c9e10dd42e4cf806d9b0dfec639b46a4be54b4a47110e665b08fcb99ffb08b1a6fe9e327b16
SSDEEP

1536:iG+KIChHbv0vs7AlqM4dYcoCa7x4N68tHVAjEErxTWDTMqhGKYIZTET8x:H+KICp3A4YcraY6MHVAjBkMqhGKZTbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4571fe9df8f4c1127ff285ce4d4e8d_JaffaCakes118

Files

8a4571fe9df8f4c1127ff285ce4d4e8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b212278541afffbc2d1dd821a6d77e59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseFlushAppcompatCache
GetSystemWindowsDirectoryA
FindActCtxSectionGuid
SearchPathA
RtlFillMemory
CreateEventA
EnumLanguageGroupLocalesW
OpenDataFile
IsBadReadPtr
SetConsoleOutputCP
FindNextFileW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE