aaabba137c5b0c9a9e068d08565d9827_JaffaCakes118 | Triage

Sharing

General

Target

aaabba137c5b0c9a9e068d08565d9827_JaffaCakes118
Size

76KB
MD5

aaabba137c5b0c9a9e068d08565d9827
SHA1

c06a0d73f221be6509f763190f10d0deceb5f702
SHA256

76741ae90ea633224e0bac1ec18b3e7714b725df8a4387b7bb02d654841fe50f
SHA512

43133e1cf7076e616c59da2061e0cf1dcc618e6a782496ee1cc1dc551be4572772e4758777fc13230080dd8f13d1563b65e04890fd580205ebf68bbd2e970762
SSDEEP

1536:MbEQjI7EgPDeJQMhZfnO2XpjVrs2ryrd1vUQuq6:EEcXCxMhVnXHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaabba137c5b0c9a9e068d08565d9827_JaffaCakes118

Files

aaabba137c5b0c9a9e068d08565d9827_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8864c66190c2814245549f6b1c2c545a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExW
CreateActCtxA
FileTimeToDosDateTime
InterlockedPushEntrySList
WriteProfileSectionA
ChangeTimerQueueTimer
CreateDirectoryExA
InterlockedCompareExchange
VirtualProtectEx
SetProcessWorkingSetSize

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE