9633a2fe62eeb275342e002bebffd638_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9633a2fe62eeb275342e002bebffd638_JaffaCakes118
Size

67KB
MD5

9633a2fe62eeb275342e002bebffd638
SHA1

01e3882eea0350a35570e41d4e497f1c68005540
SHA256

95ac06ff5240ef205416742d7c456e7b583f692b66ded33981e46d8e86287d50
SHA512

802718ba6b2bed315fe9d9421b653c468e364318683e164e53e51f47b20f9cb4fe4b8a2de7b6c739d1466801d044ac7b3ff2ba68f4efc7f0bbd28831e0a7f897
SSDEEP

1536:N30DNro4Ix6PqmRRI4oVE/HrMWxA6oTDHffkPK:ooaPqUga/rFxPGf0K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9633a2fe62eeb275342e002bebffd638_JaffaCakes118

Files

9633a2fe62eeb275342e002bebffd638_JaffaCakes118
.exe windows:4 windows x86 arch:x86

729f1790c326044218dab946618701d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComPlusPackageInstallStatus
AllocateUserPhysicalPages
FindResourceExW
FreeResource
ReadConsoleInputExA
HeapUnlock
BaseDumpAppcompatCache
SetThreadAffinityMask
VirtualFreeEx
GetProcessPriorityBoost

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE