95aa5c30c1c5b27bdaeae5493f8c4def_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95aa5c30c1c5b27bdaeae5493f8c4def_JaffaCakes118
Size

76KB
MD5

95aa5c30c1c5b27bdaeae5493f8c4def
SHA1

1f6bfd76f8c7864caae51b499809f1d611ad6d26
SHA256

506a3d26fc5ddfc2d1ae373f135af38d7da1cdd2631269426e3cb0cadf9ed1cc
SHA512

5fc43d9c56087175cb81c6542c073e9ea302c5dbd3a6d9b32eb5adba4a7185ad95e6d3d4b1706f209cd500cc0d1e35327d1ad6b4ab347bfd6121d0b7408e3150
SSDEEP

1536:sS6WbNYHmEypLjGHzMH/fV+JqSWC9uCvLXIi6cVqbWfpjVrs2ryrd1vUQuq6:IWbamLLjWzGfoJqSFz4FKQUHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95aa5c30c1c5b27bdaeae5493f8c4def_JaffaCakes118

Files

95aa5c30c1c5b27bdaeae5493f8c4def_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8038694bbf1e9f64da921fcacc0219c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetFirmwareEnvironmentVariableW
GetLogicalProcessorInformation
SwitchToFiber
AddLocalAlternateComputerNameW
BaseProcessInitPostImport
LocalSize
EnumSystemLanguageGroupsA
GetPrivateProfileStructW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE