a95acb2c97cbe1decd56e3a8e9cc8456_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a95acb2c97cbe1decd56e3a8e9cc8456_JaffaCakes118
Size

66KB
MD5

a95acb2c97cbe1decd56e3a8e9cc8456
SHA1

b56de9c689c0d5f9555c25826507252a99602e57
SHA256

d1e9a01b6b2a2b20e3159e5375e26cf76422b6ac071ea0e769fb4989100824dc
SHA512

bf4fccf4d4f431a7442cc4802cc08d7893bb2d03546df9863b621303a96791d1e3255f8cd913f2a94585d19140bfc0b36e6432878b0e0b16a8baeff97d9fd973
SSDEEP

1536:ymmzZDDI31CI9RYxP8Cxjuc6RbSVodwLqJxxVfBd:MI31CvxJlunRbS0EG1fL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a95acb2c97cbe1decd56e3a8e9cc8456_JaffaCakes118

Files

a95acb2c97cbe1decd56e3a8e9cc8456_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff9d49eddba08f03dec7fb5b864e2da8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
FindResourceW
ReadConsoleInputA
HeapQueryTagW
TryEnterCriticalSection
IsValidLocale
GetLongPathNameW
FreeEnvironmentStringsA
GetVolumePathNameW
LoadModule
Module32Next
SetConsolePalette

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE