9fd19c787d5113373f6fd8c04a61a109_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fd19c787d5113373f6fd8c04a61a109_JaffaCakes118
Size

91KB
MD5

9fd19c787d5113373f6fd8c04a61a109
SHA1

d331b4cb31a8836fc5cd575b052792991448e17f
SHA256

d67737f12a91ca91e508eae66ca1025abff2ceb2f96e0c14c6fe15881b3078a3
SHA512

0f0056ec22cf5f854d1f10389b6b5452732cd0fb06ba99f20601257cccee1ce2c44a0fedc4a6f32fbefacac60c9295b923b93dd9d5631489fa60cd6b925c3f7f
SSDEEP

1536:wOX6sXQmf2K20QVkl5B/KDR4iYbNGQZ0lhn2pzT1u0m+0aUUR1Gkde:9LXx321kl/KDR/YEQZBpcIFX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fd19c787d5113373f6fd8c04a61a109_JaffaCakes118

Files

9fd19c787d5113373f6fd8c04a61a109_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8751e1bb5486112f90bfb47b67d850c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDevicePowerState
GetNumaAvailableMemoryNode
QueryWin31IniFilesMappedToRegistry
GetProcessId
CreateFiberEx
VirtualBufferExceptionHandler
HeapSetInformation
GetTempPathA
SetFirmwareEnvironmentVariableA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 67KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE