df7d8f5e10e5947611eca8aef744250f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df7d8f5e10e5947611eca8aef744250f_JaffaCakes118
Size

345KB
MD5

df7d8f5e10e5947611eca8aef744250f
SHA1

3edb56654f11455bbd24796577b4fb7529aafca6
SHA256

660cd645268052b7901046372a219d4091a7deef23321b0bb3fec9e332f0ed61
SHA512

dee78ea346011a83347f6d42475dc43682c7f794f6d78c83ddc5fec6fdb6cae72f9f5feb85bba2774e65c2536cd666d91e7fa960faecbf6fc14e1dd354a1b6da
SSDEEP

6144:m278/2QtTkeIcJzpXx6v9TQ2Qxm+wuZzu3FGHhhUUa15tf250ZwQNTJkyPMeyh:v22QtTkeIcJ1XxgrQg+DzThVa15JTuQo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df7d8f5e10e5947611eca8aef744250f_JaffaCakes118

Files

df7d8f5e10e5947611eca8aef744250f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64a8ee0a5a9bad5b8e47bc9e1ee0d7ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcmpW
TlsGetValue
GlobalDeleteAtom
CreateProcessW
EnumSystemLocalesW
GlobalFindAtomW
DeleteFileW
GetProcAddress
EndUpdateResourceW
GetModuleHandleW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ