c104b40dff2eac14c8908d9c7d8cc8dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c104b40dff2eac14c8908d9c7d8cc8dc_JaffaCakes118
Size

491KB
MD5

c104b40dff2eac14c8908d9c7d8cc8dc
SHA1

9a648d09b369f072960fcb143824803371fbc976
SHA256

66f7668ac9d9d67b429adfb5f5a4ec46264e3609b64706bb03122badf73b1402
SHA512

210754b0ecc5fa115fc451d7f23f62713d35a51797de12279c288e56801c554a4c8ebde05227ae49f41e48611b4665fdde95c1e50dd51dcda5466673392db5b5
SSDEEP

12288:QrZBjY6jR0Fxf984GOtKzf9Hk/kcd7nuwD7:gY1Fx1TGWoFHk/BzBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c104b40dff2eac14c8908d9c7d8cc8dc_JaffaCakes118

Files

c104b40dff2eac14c8908d9c7d8cc8dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db4a9dd5298b92ae15cfaecf8546808d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
UnmapViewOfFile
LoadResource
HeapAlloc
CreateJobObjectA
GetLastError
FreeUserPhysicalPages
LoadLibraryA
LocalAlloc
LockResource
GetModuleFileNameA
GetModuleHandleA
ResumeThread
DeleteFileA

user32

AttachThreadInput

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.drug
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 444KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4222q08
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE