93fdf1972c0f2cceb4a6aa2e91bb8008_JaffaCakes118 | Triage

Sharing

General

Target

93fdf1972c0f2cceb4a6aa2e91bb8008_JaffaCakes118
Size

52KB
MD5

93fdf1972c0f2cceb4a6aa2e91bb8008
SHA1

e37457385f54254180b294b1b1f0137f620c46de
SHA256

18bd85045f8c2a457146b07620d780ea2e4a906540cc8c5cf7a97f12c55d817d
SHA512

258ebfe396f75169a1ae04d0f171ab4256fc9e33194853af2e0c85e17e89dc944b7d0b6b2bb17f35f94c161e80ae4bbd993f5dce4fc9c4d7a84acaf32cec03d6
SSDEEP

1536:5l/c2lj4IFn+ljNa1gnzikKtpQV/NTv7j:b/c2lkIFn+lj81gnekmq/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93fdf1972c0f2cceb4a6aa2e91bb8008_JaffaCakes118

Files

93fdf1972c0f2cceb4a6aa2e91bb8008_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cbe1e6bef86b0d3d693fba33deca4df1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
LocalFree
SetEvent
VirtualAlloc
GetCurrentProcessId
GetProcAddress
FreeLibrary
SetFilePointer
FindFirstFileW
GetDiskFreeSpaceA
ExitProcess
LoadResource

msvcrt

??2@YAPAXI@Z
??_U@YAPAXI@Z
?terminate@@YAXXZ

user32

BeginPaint
RedrawWindow

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ