d6e0b8d72259fea848672cb9a8f6041e_JaffaCakes118 | Triage

Sharing

General

Target

d6e0b8d72259fea848672cb9a8f6041e_JaffaCakes118
Size

1.1MB
MD5

d6e0b8d72259fea848672cb9a8f6041e
SHA1

10c6b132d3da6fc043b6b7ee45930bd0c996c5e6
SHA256

9d2cd5489c53e76b7b5d87ed1253380004c0f50edb1f157d0ef96c933cbff0ba
SHA512

e4ed7d4a5c906d08325538fac9d80a52dfe0e5395653bf2357efea54e72c0e0fc3551c2bf7efb515cfffe068a46ce8bcfc90cc17924f8a82a76f09b03bc3aaaa
SSDEEP

12288:d9OkoVug2IrhC50B35x6GdW+jGvCyJntCgeSwdErXjSAs2M4BY1m5KPhkdBRTlZN:dEpnv6GwGGvpp7eOXwm5Uq7TSl9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6e0b8d72259fea848672cb9a8f6041e_JaffaCakes118

Files

d6e0b8d72259fea848672cb9a8f6041e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86055ed16a0aa0b26139e1043aa062ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetLastError
GetCommandLineA
GetVersion
GetSystemDefaultLCID
GetUserDefaultLCID
GetCurrentThread
GetModuleHandleA
GetCommandLineW
GetCurrentProcess
GetTickCount
GetCurrentProcessId
GetUserDefaultLangID
HeapAlloc
GetProcessHeap
GetStringTypeW
GetCurrentThreadId
CreateFileA
CreateFileMappingA
SetEndOfFile
CloseHandle
MultiByteToWideChar
CompareStringW
UnhandledExceptionFilter
LCMapStringA
SetEvent
SetFilePointer
FileTimeToSystemTime
EnterCriticalSection
CreateProcessA
GetStartupInfoA

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 814KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ