a92a65ba1d9a1913348712a87645bb90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a92a65ba1d9a1913348712a87645bb90_JaffaCakes118
Size

115KB
MD5

a92a65ba1d9a1913348712a87645bb90
SHA1

a179d3d000c2ae9c3f6e440ed9ee5ef68fb5fe65
SHA256

75d15ef1387a0d0109cbdaec625effaad4b5e9646a6e38b4690696c50eefe392
SHA512

bcd985cd67cf251e21e3316b8d9b2985b0c1233b6b8a6e954f42d04da07cdc69c334fb5854a292e9e3b3cfe14d2e11beb92d025e2fc912db8f01e40a866659c0
SSDEEP

3072:rBodbdTfZcO74ohw6fbqVFEomUPJYgvw0o3:WdJTxzDhw6fbgFEoZxYg43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a92a65ba1d9a1913348712a87645bb90_JaffaCakes118

Files

a92a65ba1d9a1913348712a87645bb90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fbabb9f12d3aa7d5cf30b1396edf39de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalTime
OpenEventW
OpenSemaphoreA
GetFileAttributesExA
OpenMutexA
SetComputerNameA
SetProcessWorkingSetSize
ChangeTimerQueueTimer
FindFirstVolumeMountPointA
BackupWrite
_lopen
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE