cf9e28372884092348cfddc2fb9382b7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf9e28372884092348cfddc2fb9382b7_JaffaCakes118
Size

114KB
MD5

cf9e28372884092348cfddc2fb9382b7
SHA1

66e5668be69f7bd3961bd1e3bc16b544a64761df
SHA256

4e3fc3f090fbb6430493a2dca5035750b277c5adc3d58cf4a984d71b58abef5d
SHA512

3e507607fa8973cd308948dc2a73fdde51d5faa75dc3a0e354d4fa3770ee21c2a2c2e4e29b18a5378dbfe99f55e98b282a8c3e81261d4bda3ac7953a7fa09a74
SSDEEP

1536:9T4mVh9krKfg6nW6Jm1erB2Wr+GBKjAv1+YYlQQ9:9cOfg6nW6Jm4v+GwAd+YYCQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf9e28372884092348cfddc2fb9382b7_JaffaCakes118

Files

cf9e28372884092348cfddc2fb9382b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

591d49cc0b13792f944164f4cc75c7f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
VirtualFree
GetCommandLineW
Sleep
ExitProcess

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE