a15d8b2aba915c9d01ece6aed792a7e8_JaffaCakes118 | Triage

Sharing

General

Target

a15d8b2aba915c9d01ece6aed792a7e8_JaffaCakes118
Size

1.5MB
MD5

a15d8b2aba915c9d01ece6aed792a7e8
SHA1

85be39c253a6f041ca353ccf3ecbcd779a2ea3aa
SHA256

7fc6f3de126135903a6cd5b4d3a714b20480bbbe3b0a8b62c4a58efd93ed9261
SHA512

8816e41ac85828d2c719192fb5c0196debf046f13fe8ae12999bdef307a5af3ec0f47522b4e218d5d41d0b553b595750ed612d9ce4c334e9240992b83b5d5007
SSDEEP

49152:xTVcV5sVTN37RH3ZCOz7StzRYbcuCaB2:xTeVWL37RIy7St9YbKaB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a15d8b2aba915c9d01ece6aed792a7e8_JaffaCakes118

Files

a15d8b2aba915c9d01ece6aed792a7e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30fd1156d2e62ee205c352aa46964135

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateFileA
SetCommTimeouts
VirtualProtectEx
ExitProcess

user32

ShowCaret
HideCaret

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ktext
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ