fa87b78244b343f5823fca3e85e7777a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa87b78244b343f5823fca3e85e7777a_JaffaCakes118
Size

112KB
MD5

fa87b78244b343f5823fca3e85e7777a
SHA1

e601f28b936af2e05b78d79c6034f2e197040906
SHA256

41b53aa546e6a16cf9a73ff52f147bf7f2df26e61c4d9c8ba3c2ae90732a907a
SHA512

0647be05996376fe99d87281c4874ba1c44723cc55e868edebf5d6cced02d99250fef39eebb202647c7421b1366fc2834fd5c6d9247dc39e34015b9a12234c4e
SSDEEP

1536:T1aH0v0g9gPeFyfZz2S4aZ+AckveZLGzn9/Kg5Is/HLRj30YO+6aDw:T1aKZU4aZ+EvkL4nhKJsND0U6aD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa87b78244b343f5823fca3e85e7777a_JaffaCakes118

Files

fa87b78244b343f5823fca3e85e7777a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

148653197e55ae57a8b219a5f727ce92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
MulDiv
Sleep
ExitProcess

user32

GetDesktopWindow

winmm

timeSetEvent

comctl32

InitCommonControls

Sections

.text
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ