a94b56bfb5289081452b33d2f9591018_JaffaCakes118 | Triage

Sharing

General

Target

a94b56bfb5289081452b33d2f9591018_JaffaCakes118
Size

24KB
MD5

a94b56bfb5289081452b33d2f9591018
SHA1

ac53e90fd464c1a779500ddd9e7fba2fbb42c589
SHA256

4c223b1844ee372a0648f79bcf2d9aace0001ffe2f25149812ff5e84430c4e5c
SHA512

5d8bf3f71c5da417bb1de4d4fd4ee7348ba89a5e2542a134460e5186ff01bf07a2dfdd931be64732890d887a5fbab681d39b459ef0be7414a4a1ec73ecc0fd1d
SSDEEP

192:5iBxQ/sWrWOUZ6xCsu1FwI/WNI9oMnyPwLGu0fq5/+Dc804qScb:a2sWKOC1GI/fRyPLY52Dp04jcb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a94b56bfb5289081452b33d2f9591018_JaffaCakes118

Files

a94b56bfb5289081452b33d2f9591018_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0f013ab95c76f819cdd4a30516649c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrlen
SleepEx
GetTickCount
Sleep
lstrcat
GetEnvironmentVariableA
GetShortPathNameA
IsDebuggerPresent
GetVersionExA
CloseHandle
CreateThread
lstrcpy

user32

ShowWindow

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 896B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE