affdb1dfbd8b2b148f9c63d9915e7e7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

affdb1dfbd8b2b148f9c63d9915e7e7b_JaffaCakes118
Size

56KB
MD5

affdb1dfbd8b2b148f9c63d9915e7e7b
SHA1

5544e7cecc1d52b330d69e266f65d3ec70c557bc
SHA256

a75d0e432882c77d1cd1a6c3790bcc8dd0a24267678a884df65850f55aa8c31a
SHA512

7e55dd31cda6af8fcee51d6dc17a9d595a35b62003f0f4d7698346f039635cbcfed87846ad3733240f4460ef1d82acfd76baddfb8a164d6d3afa3dfeefe1ee5c
SSDEEP

768:GTUrg4Yd8XSmMeA0tixKeh0mZwmtyWYbKHtObx0kjUoVq5hYq+XL63Qxu:Xk4ioSmX0KmZSW7tObx9jUDpAxu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
affdb1dfbd8b2b148f9c63d9915e7e7b_JaffaCakes118

Files

affdb1dfbd8b2b148f9c63d9915e7e7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e415e95c7ad41c455a571827e337fd7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetSystemTime
SetEndOfFile
DuplicateHandle
QueryDosDeviceW
GetProcAddress
LoadLibraryW
FindNextFileW
LoadLibraryA
GetCurrentThreadId
WriteFile
InterlockedIncrement
DeleteFileW
LockResource
GlobalLock
WideCharToMultiByte
SetFilePointer
FreeResource
MultiByteToWideChar
CreateWaitableTimerW
SizeofResource
GlobalDeleteAtom
FindFirstChangeNotificationW
LoadResource
GetLocalTime
GetCurrentProcessId
GetLastError
GetPrivateProfileStringW

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE