d9deb2e8c7bfaac9cb67d5c7b75b8dab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9deb2e8c7bfaac9cb67d5c7b75b8dab_JaffaCakes118
Size

113KB
MD5

d9deb2e8c7bfaac9cb67d5c7b75b8dab
SHA1

c6dc5d6cc7db7fee0684a2840ba708f71ffadcdf
SHA256

3a15a1f1817de70268f8d8bb08f60a8bd7f63f17d0feb6591d0821059a1e7422
SHA512

fcf35318f051f34f916dfd7c2a575796f1c3709852d0f9b825e33ddd5c6167ccbb9cf9cf46a60dc7f10790f2aeaf7d0fe4915bb1cbcf80b3496691b488473ad3
SSDEEP

1536:Vm9KubHJp6KJFLMQSXKNqByVh9/G9a4A8MnS4fZamzUStIVqdH/55zWUDklm:s9nbH/5J+zWk08MnbfZaNSaEjzWU4l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9deb2e8c7bfaac9cb67d5c7b75b8dab_JaffaCakes118

Files

d9deb2e8c7bfaac9cb67d5c7b75b8dab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28b40b78689be7e83ccca2ff02354d4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
Sleep
ExitProcess

user32

GetMessagePos

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ