d707af7d0c30b5c792f35f06534de466_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d707af7d0c30b5c792f35f06534de466_JaffaCakes118
Size

83KB
MD5

d707af7d0c30b5c792f35f06534de466
SHA1

38cb9257bf7a580b78ac7933f7978cb3d8d23156
SHA256

93a49ed2967c0c0182fa0da1e4221c182da5a4b43846b0294eadb76ce658d893
SHA512

f140f6d091e846c0266c2ebf6da839984f664a56883ae651b23046bce0142725ac4099027bbcf7995261ac003be416995f12494edbef241e67e918f8314afc34
SSDEEP

1536:4e8pCBlDEWXlcEGjEbd8FoSp/2djRFIGFWGRRHSjEErxTWDTMqhGKYIZTET8bDQ:8pCBhbcEGj6d8F/p/4jQVjBkMqhGKZTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d707af7d0c30b5c792f35f06534de466_JaffaCakes118

Files

d707af7d0c30b5c792f35f06534de466_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b0cc6f684c1770576e85b33519dd074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessDEPPolicy
BackupSeek
CreateNamedPipeA
SetDefaultCommConfigW
BackupSeek
GetConsoleCP
DeleteTimerQueue
UpdateResourceA
EnumResourceNamesW
BaseUpdateAppcompatCache
VDMOperationStarted

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE