b53d37d8d1a2513f9bc03a9a6681abcc_JaffaCakes118 | Triage

Sharing

General

Target

b53d37d8d1a2513f9bc03a9a6681abcc_JaffaCakes118
Size

306KB
MD5

b53d37d8d1a2513f9bc03a9a6681abcc
SHA1

f30ea4b9583e85c8dd699042457a8d756726d02d
SHA256

099de1ab6911b7e0151886381cee79cc4f1b52f3b310ca4b38f41a69f9830dc0
SHA512

0e040adf5068776067b1685cce68fdc02dc6079c9790731ab4c04895a24d5cecfd81186b06b95196867b2f2481ab2d34d89153486c6a005ba81c0ee06271d1ab
SSDEEP

6144:z25xqIAxHteDTSgV4zJhmfy3qP6JYNUCW6mgXGQjgKsgycxpeF/V:zo8NCRGz2y36NjW6mgXGgg/EeF/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b53d37d8d1a2513f9bc03a9a6681abcc_JaffaCakes118

Files

b53d37d8d1a2513f9bc03a9a6681abcc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2717a120f3532759192746b08a75beea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryA
GetProcAddress
CreateFileA
WriteFile
GetEnvironmentVariableW

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE