Static task: static1
Behavioral task: behavioral1
Sample: b762a109e37f16bc5c82769e1b96b004_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: b762a109e37f16bc5c82769e1b96b004_JaffaCakes118
Size: 94KB
MD5: b762a109e37f16bc5c82769e1b96b004
SHA1: 3bc88a02eedfb1e2b7cf2493a605cb29901d4cf8
SHA256: e1b1dfd2a249de192d7bbc4d632fa163a4f7dff56a49de4dce332e96b52897a4
SHA512: aebf31dd7c1344d62f17b9ea45d2fc45986a77d93bbba7a8e17ce8bbb059ef5861edce3a754a61e36f52b3a377056176cac2d2e57cf686e7ad5595c8371c209c
SSDEEP: 1536:ZuteSLtAYHVIg7jlopOGaPXRvA5zU5oXPfgbBFO1EMME7jwaaHw7Koj4r:UY8tHHVIKjlVZvAe5oXHKPOpzjwaaHwm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b762a109e37f16bc5c82769e1b96b004_JaffaCakes118
Files
b762a109e37f16bc5c82769e1b96b004_JaffaCakes118.exe windows:65535 windows x86 arch:x86
923bfa4f84ec39cc01de820591248594
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetProcAddress
  LoadLibraryA
  CreateFileA
  VirtualProtect
  GlobalAlloc
  VirtualAlloc
  GetDateFormatA
  SleepEx
msvcrt
  _adjust_fdiv
  _except_handler3
  _initterm
  __p__commode
  __p__fmode
  __setusermatherr
  __set_app_type
Sections
.text Size: 60KB - Virtual size: 188KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 8KB
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.rsr1 Size: 22KB - Virtual size: 22KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE