c93b6d7c9452a5837e396b56a20f63de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c93b6d7c9452a5837e396b56a20f63de_JaffaCakes118
Size

39KB
MD5

c93b6d7c9452a5837e396b56a20f63de
SHA1

461e25d7f13ae4215dd71a2adedfbd124b4c6efa
SHA256

4cb7195364dfb3242c29fa3c7d7c1f86cf26da8144c35924d6529bf8e4a597ba
SHA512

00659dc7b5bc748aea74984f63a48cb497bed9778561cb0d226a4c2e4ab59f7cf2de2f951335fc678c5a326685e2e760f32d654e57033540ad2433fdc10109f0
SSDEEP

768:58rUiWX6PhRF6N5/WjqYPYJCj/ZEB/Aqs86OhQVi8DSXq1FY9+guAHCvNoTtgQxz:IHf6fepF/l9uhk1tu98AH4NqBxm2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c93b6d7c9452a5837e396b56a20f63de_JaffaCakes118

Files

c93b6d7c9452a5837e396b56a20f63de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4c2e73387a13af1d1b62a4ec0330902

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameW
ResetEvent
DosDateTimeToFileTime
TzSpecificLocalTimeToSystemTime
OpenWaitableTimerA
EndUpdateResourceA
GetGeoInfoW
TlsSetValue
lstrcatA
GetDefaultCommConfigW
IsDebuggerPresent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE