a6d392700c961d2dff25302855ba8356_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6d392700c961d2dff25302855ba8356_JaffaCakes118
Size

1.0MB
MD5

a6d392700c961d2dff25302855ba8356
SHA1

0d75023e3a20cb05b5edf06223b19d7333a54213
SHA256

2df4222df4860c8a34a273211c945ef581a880e68a2261299fe84a6623514562
SHA512

6fda4612921a14f9b8f579cb7b821ba2b966be238609cacbcb2304fe295d45d438f99562ec2153ad7a3af17cb793653622290930b035c7d510847e23a7f870af
SSDEEP

24576:gfBCqbpZSkYf5A7oyBYO9cIbSMHl72Z1ceRR3m4zYdd+L:+HpQykq932Pj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6d392700c961d2dff25302855ba8356_JaffaCakes118

Files

a6d392700c961d2dff25302855ba8356_JaffaCakes118
.exe windows:2 windows x86 arch:x86

5b2584588f55fcb3488da992f800ae1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualFree
HeapSize
GetCurrentThreadId
HeapDestroy
OpenFileMappingA
CloseHandle
GetThreadTimes
HeapSetInformation
ResumeThread
TerminateThread
GetSystemTime
GetSystemTimes
HeapWalk
MapViewOfFile
LocalFree
CreateFileA
GetFileTime
OpenThread
GetCurrentThread
GetThreadLocale
WriteFile
VirtualAlloc
ExitProcess
HeapFree
ConnectNamedPipe
GetCurrentProcess
CreateNamedPipeA
WaitForSingleObject
UnmapViewOfFile
CreateMutexA
CreateFileMappingA
HeapValidate
GetHandleInformation
HeapSummary
HeapAlloc
LocalAlloc
GetThreadPriority
SetThreadExecutionState
ReadFile
SuspendThread
CreateThread
HeapCreate
SetHandleInformation

Sections

.text
Size: 914KB - Virtual size: 913KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrcs
Size: 15KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ