b7fe807c77ad00397b2a863ce7a0474f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7fe807c77ad00397b2a863ce7a0474f_JaffaCakes118
Size

60KB
MD5

b7fe807c77ad00397b2a863ce7a0474f
SHA1

6bb60880fd063362b8d7def1ef89358c8a033373
SHA256

c4c887aeb6cda2a82ea3678a37be3e23c03ef5e0112c3c35bd49c205cc43a2fd
SHA512

cbdf402c802344a0ef03be16dec0d611748ffb19948e828ea69f874a3ee18fbdfc60b5a95e86123fb7e2e60809d3bf85e75383f76333125e2a5b94342576c7fd
SSDEEP

768:zR9fOIEBPMdx9RvHjPFOAQTJQtx4EQgRUGZ8qpzUK:zR9fOI99RvrFOHJk4/YuquK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7fe807c77ad00397b2a863ce7a0474f_JaffaCakes118

Files

b7fe807c77ad00397b2a863ce7a0474f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab9025f5f12c63499bf208ee5e60cb19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
lstrlenW
ResetEvent
LoadLibraryA
MultiByteToWideChar
SizeofResource
MulDiv
VirtualAlloc
TerminateThread
DuplicateHandle
lstrcpyW
GetTickCount
LoadLibraryW
InterlockedIncrement
FreeResource
GlobalLock
CreateThread
SetWaitableTimer
GetVersion
GlobalFree
WaitForMultipleObjects
GetDriveTypeW
CreateEventW
GetProcAddress
CreateFileW
QueryDosDeviceW
GetLastError
CreateWaitableTimerW
VirtualFree
FileTimeToSystemTime

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 810B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE