d513c8b87c17b10150c72ae10acd863a_JaffaCakes118 | Triage

Sharing

General

Target

d513c8b87c17b10150c72ae10acd863a_JaffaCakes118
Size

68KB
MD5

d513c8b87c17b10150c72ae10acd863a
SHA1

a409f02c57bede538d79c84b5a13cc078f2e927f
SHA256

1725f8047ce444af016358db7ce736b7ac9565548a7d83aad8b96af3bca63d3a
SHA512

4ad123e6342f45ba6fbe95a271bdc5dbd7905a6af5fb12ae257bfcd1a9cdaee6ca88dc12ff7d9eee60fa18391d4fbb59a825691014934e792295619ecdc31126
SSDEEP

1536:RO7PMrClGkGNbV4NHWQ2MD9hxjT69En9iVLadHi6wxioiYv0G6XnAAu:k5IREWQyEneLMHi6wDnb63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d513c8b87c17b10150c72ae10acd863a_JaffaCakes118

Files

d513c8b87c17b10150c72ae10acd863a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4f98b1721283d72dd5c3e0ec37885cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateTimerQueueTimer
CancelDeviceWakeupRequest
WritePrivateProfileStructA
SetVolumeLabelA
EnumResourceLanguagesW
DnsHostnameToComputerNameW
CreateThread
ReadFileEx
lstrcpy
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

Koytwifs
IsCmjigdeeok

Sections

.text
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE