9ff878bd6aebccf0b9ecce741b8c45a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ff878bd6aebccf0b9ecce741b8c45a6_JaffaCakes118
Size

28KB
MD5

9ff878bd6aebccf0b9ecce741b8c45a6
SHA1

9e493ea8b8b16ea5d147cd06941b3d4db42a710f
SHA256

9f6368152b2c90f0411a0891ed6c567f91e0b8f4b32cbd0ea44c8ff335fa3eca
SHA512

2206120758253b44a9e13f2196cc0358f6fdfe75e8613e8ccca552ed6e73ea0d74fc4cf54393f47bff77a7c60d95cde9aa13107830b3605727055fe5b198842a
SSDEEP

384:JWGbtwB6pC6L42fJuu3grUeEGS/yHsZb5rD8qgNortXDyiyXUAFZKpnjWwBNlP9E:raIpjsvuIUVR/yqdD8otnyXUwZqCGKN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ff878bd6aebccf0b9ecce741b8c45a6_JaffaCakes118

Files

9ff878bd6aebccf0b9ecce741b8c45a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b7ce445276f738683298054cf9c6a51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNextVDMCommand
GetDriveTypeA
GetStdHandle
GetSystemInfo
GetVersion
GlobalAlloc

msvcrt

_tell
_rotr
_tzset
_umask
_spawnl
_stat64

Sections

.text
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE