ff0a3fb9d9fbf163d6cee333978bb327_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff0a3fb9d9fbf163d6cee333978bb327_JaffaCakes118
Size

91KB
MD5

ff0a3fb9d9fbf163d6cee333978bb327
SHA1

2306133e8f6230234c19dc8630a724d3cda6d2b5
SHA256

721b47a07cf7b8900473334d7e1c84aaf73f8cf9a958abd64c9291df291b560a
SHA512

32d7fed4350bcb87387f9cf957791da3f5196dc8bed07624e388ff3cc8810254044edeadb8e4d2f65f3968552076940e5af56e591ac8b67b3950ee389404dd46
SSDEEP

1536:4swkH1yNwmqHP5Sdat7KjmkIizqpVZc1uHhS4YrzXmwPVR5MRjH57kTkN:ttQS7Knz2YO040zWwP/56jC4N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff0a3fb9d9fbf163d6cee333978bb327_JaffaCakes118

Files

ff0a3fb9d9fbf163d6cee333978bb327_JaffaCakes118
.exe windows:4 windows x86 arch:x86

917b3bd5d8792f8892de67bfe2e8377e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapUserPhysicalPagesScatter
RegisterWaitForSingleObjectEx
LockFile
Heap32ListFirst
PrivCopyFileExW
QueryDosDeviceW
GetProfileIntW
GlobalGetAtomNameW
GetConsoleCursorMode
CreateMutexA
ReadFile

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE