96d6d68e3a8c87e1263bc3d722454f65_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96d6d68e3a8c87e1263bc3d722454f65_JaffaCakes118
Size

91KB
MD5

96d6d68e3a8c87e1263bc3d722454f65
SHA1

7d4b058e346e058615ac1174770f9e3c8f151e80
SHA256

e73349e0ab732eefd58dec5cc1cc581b7f1aa003f847ffbc14bb43ad6524f160
SHA512

13d654cd51e31e1f512fc0a28232d9dc3b6ff2e208f741af823eadc6deecd7dd6b47332bcf0b8fafcaaf1be7aa45e9151bd59ed797dfae055e47fc36ab672a53
SSDEEP

1536:r93hZ3nZIWU4L54AqaPZ/ZBaWKaqjADPKRTpeDAbR9abC9bjEGkfoDDxWYnwsd0v:r9fFFCAqaxxwP98Kx8c+mvEGhDBwsdFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96d6d68e3a8c87e1263bc3d722454f65_JaffaCakes118

Files

96d6d68e3a8c87e1263bc3d722454f65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a7758ee038d85b5f6b59a935c60db0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
VirtualQueryEx
IsProcessInJob
TlsGetValue
GetFileTime
LocalCompact
WritePrivateProfileStructA
RegisterWaitForInputIdle
GlobalLock
GetLongPathNameA
OpenFile
VerSetConditionMask

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 67KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE