a510092b8ed8f21a89bc595e23128ab0_JaffaCakes118 | Triage

Sharing

General

Target

a510092b8ed8f21a89bc595e23128ab0_JaffaCakes118
Size

80KB
MD5

a510092b8ed8f21a89bc595e23128ab0
SHA1

9e2a0107e3a073336f259f323b42adb0f7181af5
SHA256

0117f1fe3c13e1bca454e756ffe41feb04f18a355e45ebece9e90097aeb15c1e
SHA512

75731d91cf8aa078c9eb0643d674b8fde19fa766d8e87b3d95d1c789bd266ec72f08086a9324166471ebc886c1a7a9b005a05c323c6c1d9b4bb242f5faa14b79
SSDEEP

1536:ZfyI3G+0c2ySZ4PrW/goiCnsBrgn7i3UCVFs9K8RUCRePyBbYa5ewxt:sz+0ISZ4PyggsBcnu3hVehHBbYaAS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a510092b8ed8f21a89bc595e23128ab0_JaffaCakes118

Files

a510092b8ed8f21a89bc595e23128ab0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5db9a52b36a395e2d0a6cd7a38209893

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtAddAtom

kernel32

VirtualAlloc
GetTickCount
GetCurrentProcessId
GetModuleHandleA
DisableThreadLibraryCalls
FreeLibrary
GetCurrentThreadId
GetSystemTimeAsFileTime
SetLastError
QueryPerformanceCounter
LoadLibraryW

atl

AtlMarshalPtrInProc

Sections

.textbss
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ