a0072393bb974d87cbd168c3c13a199e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0072393bb974d87cbd168c3c13a199e_JaffaCakes118
Size

83KB
MD5

a0072393bb974d87cbd168c3c13a199e
SHA1

abf7a28db48489d864c613eb9a3c906476ce18be
SHA256

0566f0df175208473016c8179cc10bf8026e4f17a04499117518b9ebe951cc4d
SHA512

457622b79ff8e9bffce584a9775117fe8afe938ef43c7999d9d0178ac75ef4ef72c3da41c72579b2063f5b8c1922e6bd341a078bd8f4db801c4e05b68fbca7d8
SSDEEP

1536:pYUNOB0u9ixOOP/TvYNnl/E577clC04+GmLeobbErrospjVrs2ryrd1vUQuqwci/:pYUNg0yis+zKlc15+G1obbE3jHs2qucx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0072393bb974d87cbd168c3c13a199e_JaffaCakes118

Files

a0072393bb974d87cbd168c3c13a199e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88f7cb6f625034409ae88b4dda0ab0b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleHardwareState
LoadLibraryW
SetThreadPriorityBoost
RtlFillMemory
GetVolumePathNamesForVolumeNameA
VerLanguageNameA
EnumUILanguagesW
GetLongPathNameW
GlobalFindAtomW
MoveFileExA
IsProcessInJob

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE