953c2530bb186fef498c2c3ceda0ce99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

953c2530bb186fef498c2c3ceda0ce99_JaffaCakes118
Size

30KB
MD5

953c2530bb186fef498c2c3ceda0ce99
SHA1

6f2e3566b78b07b173a0b38a47e9057a2e1a6fde
SHA256

3382979018457b7759142cfc5ef8b24bdb41330286960865fa4b5e1a03b8b300
SHA512

2f8bda9b58c9f170304f79166ce3028e1de57d6dfc606e456c979d5577b83acdc37a07f3e23d9291d69488342b262638043637b4987d96060527aefff474b627
SSDEEP

384:2uF5ixevSz9IOeTWa40+zeZhJPc/+jAQds4JyhC4rU8xWy9DW:tPeevm9LeL4Pze1Y+kQdRJyM4rUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
953c2530bb186fef498c2c3ceda0ce99_JaffaCakes118

Files

953c2530bb186fef498c2c3ceda0ce99_JaffaCakes118
.exe windows:5 windows x86 arch:x86

781771449d25eac72d74a7468ac735fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
Sleep
LeaveCriticalSection
WideCharToMultiByte
TerminateProcess
EnterCriticalSection
GetModuleHandleW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ