be53db8787ad8cf971c1f02cd0faaffa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be53db8787ad8cf971c1f02cd0faaffa_JaffaCakes118
Size

7KB
MD5

be53db8787ad8cf971c1f02cd0faaffa
SHA1

936c4558c06c2e632e9cc8a77ebf798c2d95d0be
SHA256

2c5ce99f19797de79e44627306ba70da447971fd016a471491bba885ee78d140
SHA512

ed1639d0a93d0bcea908c21fc5073a7a535abaf27016d31f02ecf521d73abf07aabc8b8133a886c77e0cc1f5cd7e33f721fd6a8b895ab3dc9312cf0d056bf581
SSDEEP

96:U4BxQsYcjqFvDC5hx0u74VdG04DPHaPlmabBytvH38cICmucKp:U4BxQRt8xN30cyPrZ1ufp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be53db8787ad8cf971c1f02cd0faaffa_JaffaCakes118

Files

be53db8787ad8cf971c1f02cd0faaffa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdc123cee95303b1c720bddd4f226317

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
SleepEx
GetTickCount
VirtualFree
GetCommandLineA
Sleep
GetStartupInfoA
VirtualAlloc
QueueUserAPC
IsDebuggerPresent
GetVersionExA
CloseHandle
GetCurrentProcessId
CreateThread
lstrcpyA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE