a841e9f37daa630cca6be1b4cef26d7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a841e9f37daa630cca6be1b4cef26d7a_JaffaCakes118
Size

113KB
MD5

a841e9f37daa630cca6be1b4cef26d7a
SHA1

74c1f59bc18513c798312d9b4dcf85c7f8754741
SHA256

41e005c0d1e41b300da43732972c2a9693144f67b54885b01cf770144d7e1ccb
SHA512

66aa3341495aed2770871e1d082dcd3a0b74ce7d3e0a65d931b033357cb06e0623cb0968cb5b9b3114d8baf58f5e9ac47ed0ab1df6c31e745d24041358964ddd
SSDEEP

1536:Is2JX27SJFjf5vlvn6YBtJhnA/0aekfLRhN6g4b77ib+sc8B85M5OmBBfKwAB2h:s22TBEYvTnA8kzXN6RbCKGnBBfNAoh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a841e9f37daa630cca6be1b4cef26d7a_JaffaCakes118

Files

a841e9f37daa630cca6be1b4cef26d7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e38e658cf862122d75d933dd7c8a8e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
lstrcmpiA
Sleep
ExitProcess

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 238B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE