953f3a4fffd19646cf736aa16dc913cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

953f3a4fffd19646cf736aa16dc913cb_JaffaCakes118
Size

116KB
MD5

953f3a4fffd19646cf736aa16dc913cb
SHA1

3311677674b66971a87ce2df0f6d8fe6ef5a912d
SHA256

237b1fcc1fc4182513e0eb4e7794a2cdeeaf62b58743238a576d2569428b83b0
SHA512

c47c0c718840bef6d72d48c90c79e9dc85abf05cb04f2c2b38f46cd9cfb5225aaa4ee0322185a0a194ec1280ff9a13ed1b338cde6ec6a55ca9c6a23ff86eb56d
SSDEEP

1536:iI10linT4EX4omc53/H9GNMBSDRHfqkkJTZWHOVcnisRAzAAV4KJtKKWTI6Snd4V:fOlulj3/H9/Boq3WHucipIBBKf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
953f3a4fffd19646cf736aa16dc913cb_JaffaCakes118

Files

953f3a4fffd19646cf736aa16dc913cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c492b5db274884ca4ce3e1cd1edd7213

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
RemoveDirectoryA
Sleep
ExitProcess

Sections

.text
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Ucaof, F
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Xiokex V
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fjermuwu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 173B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ahchjdg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE