95609622f8f814f81b93ce9f7496ac6a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95609622f8f814f81b93ce9f7496ac6a_JaffaCakes118
Size

83KB
MD5

95609622f8f814f81b93ce9f7496ac6a
SHA1

ee06c46851f3f5977bde3cded1bdf07a9e5efb6f
SHA256

ea223652bc00ea8a0cf3d3058810a0ef284e1dea470c3480147be65257ab6834
SHA512

ee7f5573667f9334c4d9a187b333373cf5a9b92221f846b4275e20b10f3babc62779d001052cfebf8449ac6eb40968397e7a01bf002cf6608bcb22b11359a830
SSDEEP

1536:qyEFp1KR9kFO5bFAcHl+OYINqJjfQjS/1bsXjEErxTWDTMqhGKYIZTET8bDQ:qPnmEGFcCSzQjSNb0jBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95609622f8f814f81b93ce9f7496ac6a_JaffaCakes118

Files

95609622f8f814f81b93ce9f7496ac6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a0ebdbccae72c978c4a26d90b86a28c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
SetVolumeMountPointA
DuplicateConsoleHandle
_lopen
GetProfileSectionW
QueryActCtxW
WritePrivateProfileStructA
FreeUserPhysicalPages
GetLongPathNameW
lstrlenA
GetPrivateProfileIntA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE