f5d09606039d9f663f250d968c4bffec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5d09606039d9f663f250d968c4bffec_JaffaCakes118
Size

17KB
MD5

f5d09606039d9f663f250d968c4bffec
SHA1

86bd1c2016d16c2591c13c26877a80edcc7a9c04
SHA256

58ad75d708326389505457029799f7b3f7d6b4dd5fe4f30b382a8ac82ee9f881
SHA512

6fb9a1a05d19467c41cbce1056725e8002a133bdc8a5e93d9166cdfe683d135cb7567bbcb4c512c3cc1d458fddce13e3b2401044e1b823f4143ea23ec00c0df9
SSDEEP

384:bhbHoOOIdHj0wwf+s1J6jw2+TJRUHKoXIA8i:bFIOLjwf+s1s+KKXA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5d09606039d9f663f250d968c4bffec_JaffaCakes118

Files

f5d09606039d9f663f250d968c4bffec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0931e97555ac33eb10aa9539fe890070

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetSystemInfo
VirtualQuery
GetLastError
MapViewOfFile
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
CloseHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ