8a601846c0d7404c8b63627aa8dc8123_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a601846c0d7404c8b63627aa8dc8123_JaffaCakes118
Size

86KB
MD5

8a601846c0d7404c8b63627aa8dc8123
SHA1

afb1bc522529c5ad5f849f30bd14422683957315
SHA256

21b35ffb945045a575324ee3c11ab055e7e119c194bc0fe828cb6c5bc8894317
SHA512

c51774fcc14bfa4502d17944e7b138b9839600de6494bd12ef26588f574f70d6399067c1f94c80027e7f68fa0045b283fd11558f2864fef916a28ba72292dd5c
SSDEEP

1536:QNJzL2z+cW8fRarqrDJUBVbbZcxRPFG02fTYU0t0l5snRx:KzL2ycW8fRaWrDEpdEPFKx0t+SX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a601846c0d7404c8b63627aa8dc8123_JaffaCakes118

Files

8a601846c0d7404c8b63627aa8dc8123_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ece51fe4997f548394900df05a97785

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
IsDBCSLeadByteEx
WritePrivateProfileStructW
CreateHardLinkA
LocalLock
CheckNameLegalDOS8Dot3W
FormatMessageW
OutputDebugStringA
CopyFileW
CreateFiberEx
CheckRemoteDebuggerPresent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ice
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE