f021cd15c388dfac2c3ae225ace0e74f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f021cd15c388dfac2c3ae225ace0e74f_JaffaCakes118
Size

112KB
MD5

f021cd15c388dfac2c3ae225ace0e74f
SHA1

0a9cba4090c93f841a2e03736b04373769b08cdd
SHA256

f1a663623b1952b97e83d762e92dea41213cfed69865326912eaab0d4cc05834
SHA512

c3a20b6acbac7f5aced291ec0eda337c710ac60fb1e9425fcccdf6008c40f236e8b54024565aa51ae25c4b226bd10d872de0798ffcc18455514de349c6d32107
SSDEEP

3072:TZBAiE5A9z1FYcsEKkwmOYJ22Cr/tt4OTWWK0EJUWal:TZBA7W9IEK3mX1Cph+ja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f021cd15c388dfac2c3ae225ace0e74f_JaffaCakes118

Files

f021cd15c388dfac2c3ae225ace0e74f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6ff9dc3e64d1ddefb55f8abd670e9b38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
GetTickCount
Sleep
ExitProcess

user32

GetMessagePos

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ