a867f922cf03c39b7ef861ee9c47f1bf_JaffaCakes118 | Triage

Sharing

General

Target

a867f922cf03c39b7ef861ee9c47f1bf_JaffaCakes118
Size

83KB
MD5

a867f922cf03c39b7ef861ee9c47f1bf
SHA1

917230ee1eef9b0d8d11532d7d693f6dcef24d4e
SHA256

38e6e5de3b91625a8493b1b50487c15bec9b85e35643051951f84903ed2d6ae3
SHA512

28cc1fd5323eb4baeb95196ea316fe1be9d860c0e19d1b99bb5168a845118d9402c2de8bd4e718c0a5ecafe66f08caac45b5a3b793db9c99d757cf08eee1c3d0
SSDEEP

1536:0mIZIaTBUK2sDpvkxzNPDnaeozJ4KGvUDD5InkgAXhud7jEErxTWDTMqhGKYIZTE:07IaTBfozdTaJzx3Cn3ARud7jBkMqhGZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a867f922cf03c39b7ef861ee9c47f1bf_JaffaCakes118

Files

a867f922cf03c39b7ef861ee9c47f1bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4df45552e2db23185509e0bcfc306220

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SignalObjectAndWait
BaseFlushAppcompatCache
SetLocalPrimaryComputerNameW
GetUserGeoID
ResetWriteWatch
GetCommandLineA
Thread32First
GetBinaryTypeA
EnumDateFormatsExW
GlobalAlloc
GetProfileStringA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE