ebf11b3d0207c97d67ca46a561820a83_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebf11b3d0207c97d67ca46a561820a83_JaffaCakes118
Size

41KB
MD5

ebf11b3d0207c97d67ca46a561820a83
SHA1

00843261fb03cf1d3933f71a80d2273478cd1247
SHA256

039be9ae0dc8fc68d2a85528228ef3645edd510f1caa27c7b7a5b6816719fac3
SHA512

bc03e8fba7379f245bb8a0801a13778d0e61df5de57557144f8354b75969b4240a588eb93585ed2b5643f91417598b7b651e9c0cf368edeec025e08e3541292d
SSDEEP

768:i8yaEi+6XNRPidjrOHzCA0N7FUWvEphS5By:lyp968jrOTCAcFUOPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebf11b3d0207c97d67ca46a561820a83_JaffaCakes118

Files

ebf11b3d0207c97d67ca46a561820a83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28391a92b717029373ba8b94071f739b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetUnhandledExceptionFilter
VirtualProtect
GetTapeStatus
HeapFree
HeapDestroy
DeactivateActCtx
ConvertFiberToThread
ExitProcess
EnumCalendarInfoA
GetLongPathNameA
EnumSystemLanguageGroupsA
HeapCreate
ConvertDefaultLocale
GetAtomNameA
HeapAlloc
CompareFileTime

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE