f50cc883aac4294183598c411e011cac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f50cc883aac4294183598c411e011cac_JaffaCakes118
Size

340KB
MD5

f50cc883aac4294183598c411e011cac
SHA1

28f799f379bde91e259104bff619b9dadd6e702b
SHA256

0c476a308354aae17954a27d4b541d19fb747d1b3467da85b3b42842a45d4324
SHA512

57e26b26387f6e200ceb755d708e9b608b66d9d8c8ce08acc856bcebc9be23aa7793ec984d1cf5a1a7cc0fb4df32f57281b6ed3a8fbbbf0ae83882a27141a3e0
SSDEEP

6144:caf+Exfz88aZoEkisJvGxx2QQEYV2gy2fmeR2MTme1aNZs7+8tas8zuT89:c7t8lEzsJOCQQssR22laNs/g9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f50cc883aac4294183598c411e011cac_JaffaCakes118

Files

f50cc883aac4294183598c411e011cac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9e460df6b6008932995edf44f42aa7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetLastError
GetModuleHandleA
VirtualProtectEx
GetTempPathA
GetProcAddress

advapi32

ConvertSidToStringSidW

avifil32

EditStreamSetNameA

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ