b7dcfdead016d7750d68cb8639db4f11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7dcfdead016d7750d68cb8639db4f11_JaffaCakes118
Size

121KB
MD5

b7dcfdead016d7750d68cb8639db4f11
SHA1

35567ea10df516fd2d46c1709c0cdea7d6f4b58f
SHA256

c7b5f84bc825e8bf110e6e80809b7356a90ed1f33cb684b8bb7b675c50d6736f
SHA512

2ca6060c69919b1da428a301e3bab556ac29ea54433effb187b2376fa6dae2efd4c8891416a391a6b8ce51abf8a1cee93f7f26ac83a10b632ef030dd94495841
SSDEEP

3072:rav2YbKaS76fxHVCJcN9D9HR5zQqESqBOnklN:rgKaS765Hmq95HPzQqLqBy0N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7dcfdead016d7750d68cb8639db4f11_JaffaCakes118

Files

b7dcfdead016d7750d68cb8639db4f11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b0cb19fc181841ae13f1fe97ccb2052

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
lstrlenA
Sleep
VirtualAlloc
GetModuleHandleW
GlobalFindAtomA
VirtualFree
ExitProcess

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 247B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsfwer
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE