ab22476ef0c614b564fd8e34576137da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab22476ef0c614b564fd8e34576137da_JaffaCakes118
Size

60KB
MD5

ab22476ef0c614b564fd8e34576137da
SHA1

c16d05c227f4f78bd0f4d37cf0b8ed7cc1156d13
SHA256

c8f04e5f1a5b8305fe52b23c1ffc8f3dfab4ae5b866a7d8212e622df60d1b84f
SHA512

a69dc53d30621dcb89366e635c193374695e0848c86b537692bdc9470cad87fbff7838942f018c03607bc28e55e2a9e666d5cde56cdd6d57d5b0bba96452959f
SSDEEP

1536:W4GUJ44eZcgP8K0QxObsUKxHjVyNzKtVDeJZ83Yw:lGLmgP8K92sUKpjYzKtVDgKYw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab22476ef0c614b564fd8e34576137da_JaffaCakes118

Files

ab22476ef0c614b564fd8e34576137da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68ff86a5775aad1b26bdd2bb48a71dbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSummary
GetProcessWorkingSetSizeEx
_lwrite
GetConsoleScreenBufferInfo
RtlMoveMemory
FindNextVolumeW
CreateIoCompletionPort
SetCalendarInfoA
ExpandEnvironmentStringsW
BaseCleanupAppcompatCacheSupport

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE