af512fe67467a03f9dfe141efad988e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af512fe67467a03f9dfe141efad988e2_JaffaCakes118
Size

63KB
MD5

af512fe67467a03f9dfe141efad988e2
SHA1

23aeb802565084bb9010e554b69d022499df521d
SHA256

01ab78c8156060998be4b87b7ff4a375f91f8fbf5f94facb5ceeaa430fd79563
SHA512

7443f7c24b2d39506143c0c42a864076266e568e89cdcf9c627b8f5beae04c5507a6cf4db60e1caa1531eecd0ff644857442be5ef1a0013a7a19d70b3f7a8c73
SSDEEP

768:AP+To3sWapDByrA8+oDrT0H1sgkhUt0oV+r/jhuMrBxvGas9RL6LZFK5CFGEUvXZ:uhfytfCfBxuz6LCQwEuXv79YkTzJ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af512fe67467a03f9dfe141efad988e2_JaffaCakes118

Files

af512fe67467a03f9dfe141efad988e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99057ccfcca4cc786a4df069ca642492

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
CreateHardLinkW
ConvertFiberToThread
GetDevicePowerState
CloseConsoleHandle
NlsResetProcessLocale
FindActCtxSectionGuid
FindFirstFileExW
GetProcessHeap
FatalExit
GetFileTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE