ba1cf816643c79037b951b7dbd179962_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba1cf816643c79037b951b7dbd179962_JaffaCakes118
Size

113KB
MD5

ba1cf816643c79037b951b7dbd179962
SHA1

7449f588a6c3d4fbf566b64aa4d464b7e1943246
SHA256

c29fd6e452d2dc7810f40aa86712a666328d6cf74865e2e120aa2fe5e5cc6196
SHA512

bdfab8e1962d9b01eb2fff5ab01f30c817ba9757026216c9d31e26e792d35047f27fe47ad65df5a46ff9f8fae95639753ebbf70b4c39aff36b7a3557e6f6388e
SSDEEP

3072:1c8Zv0EIaA3FRmx/zcs5mRKwOWTK/VPx:HxfsRmxws5mRa8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba1cf816643c79037b951b7dbd179962_JaffaCakes118

Files

ba1cf816643c79037b951b7dbd179962_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30670b9814147f1a99297872d4d6605c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
GetCurrentThread
Sleep
ExitProcess

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ