cf68adc5aaeaeae480b7e955e55aca72_JaffaCakes118 | Triage

Sharing

General

Target

cf68adc5aaeaeae480b7e955e55aca72_JaffaCakes118
Size

115KB
MD5

cf68adc5aaeaeae480b7e955e55aca72
SHA1

ea3b97a000b32604b09656a3d58401f422283181
SHA256

5f445e2c56e78cabe88e5677658da528995fe3ca9816a1def935b503d9ac6256
SHA512

bf9d7661328a935958b72a1f64bbe53f67da77df16b238fd6b5dec0fc99562c224f954dc7fc25ade2ccc93fa07b7b58ce42f510ea2a2b537fcaab03b6eafbc18
SSDEEP

1536:/g5pLP8csDAeQPSfRB1KNc82cf4q7oqtuLjwR0p2uN:Y5tMDSPmg2s4JqtuIR0UE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf68adc5aaeaeae480b7e955e55aca72_JaffaCakes118

Files

cf68adc5aaeaeae480b7e955e55aca72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28b40b78689be7e83ccca2ff02354d4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
Sleep
ExitProcess

user32

GetMessagePos

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE