d1db2820f37b7c2f6c7b68ae33ec5a63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1db2820f37b7c2f6c7b68ae33ec5a63_JaffaCakes118
Size

718KB
MD5

d1db2820f37b7c2f6c7b68ae33ec5a63
SHA1

fa8a691c99ec8bdb95f63c5403731c6799e92199
SHA256

51156ddcbe8a0ff3c4ca8bff9f2a74b9a7b2ffe573a33300de2079eee5c6ad33
SHA512

c72e983e4c13ac5308297fcf2a2f59ba61edc9ef9adee904a288eb8622b5fcfddc74fe090eb8a2e2e7d974cc87a83eda10051ffe414521b803f3c4bcc354b835
SSDEEP

12288:uoOn1K/OCoGJdmtGb6/Y8TFlL5pnJpIKFPXw7zmdAkHhqwDgOR2nOwUZSFu+g6Y8:xPoimtG+FVjnYKFPAPBkkANwUZt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1db2820f37b7c2f6c7b68ae33ec5a63_JaffaCakes118

Files

d1db2820f37b7c2f6c7b68ae33ec5a63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

435fd41272abd6f8c2c134fe84b84f14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

EnumSystemLocalesW
FindAtomW
GetAtomNameW
GetDateFormatW
GetModuleHandleW
CompareFileTime
DeleteFileW
EndUpdateResourceW
VirtualProtect
ExitProcess
GetDriveTypeW

Sections

CODE
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ