aaa312c9dc5490f1b82b2910b0184f25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aaa312c9dc5490f1b82b2910b0184f25_JaffaCakes118
Size

111KB
MD5

aaa312c9dc5490f1b82b2910b0184f25
SHA1

da6269c158ca5890f825f49de6d3f067b8c4e633
SHA256

6376ce8895bdece7fda3dde19673e92176e51db0b54ed81a5a9fac8143db2847
SHA512

64ee87a75f558cd6e3f79e1deb3c94ae312f0b59140007eb62362793010d2a8474e91e8c336df13e5317c9c3b2eb8dd4de2c0219f0d6df774743b7579bfa11dc
SSDEEP

1536:EXtmsJqUrIMr+F/dyFGc1DbVDS4JwlXzf684EyPovJfYuQ:EXAaQHyFGobRvIjf6AGu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaa312c9dc5490f1b82b2910b0184f25_JaffaCakes118

Files

aaa312c9dc5490f1b82b2910b0184f25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ab8c04f5e76e8aa1e6353deb27c765b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetCurrentDirectoryA
VirtualFree
Sleep
ExitProcess

user32

GetMessagePos

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ