f573e8bddb44149b8fb7a3dac30aec4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f573e8bddb44149b8fb7a3dac30aec4b_JaffaCakes118
Size

63KB
MD5

f573e8bddb44149b8fb7a3dac30aec4b
SHA1

0d61d3178a736a30f6392340ed0f23bb0ffed42a
SHA256

526c892f8cd2f9a0202b28c655c622c63fee0547d3eef7f47169a6d2e600fea4
SHA512

ab2a33168b25577401db5eb1866334dd08468a6c2e70dd023808eb0f82d728b650870438d01cb9cec827e19b91be519a63ddbadf9beaf599dd8746882ad333ce
SSDEEP

1536:5shJ6U7Bk5WieEZOprjCCHIZ0v4avKRgEMsCIl3xaz6tu1IK96hGKskgs1qt/As6:ehz9zobINIln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f573e8bddb44149b8fb7a3dac30aec4b_JaffaCakes118

Files

f573e8bddb44149b8fb7a3dac30aec4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7526733938f0852b06814cee65933db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitNamedPipeA
CompareFileTime
WriteProfileSectionA
GetVolumeNameForVolumeMountPointW
lstrlenW
lstrcpyn
GetPrivateProfileIntW
lstrcmpW
GetVDMCurrentDirectories
LoadResource
EnumSystemLanguageGroupsA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE