01ce4c105b8e1512471755fda905bd64_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01ce4c105b8e1512471755fda905bd64_JaffaCakes118
Size

16KB
MD5

01ce4c105b8e1512471755fda905bd64
SHA1

01d87134148465aee116bd31d9b586292d7e4684
SHA256

ce487bf001eee7b4c10f83bab10ca217e4241b535b6fd1ed81dd8ca60df0c5a9
SHA512

8330a01de87d837e50439b23b53cd98b63dc2d766b0570958a4f5df038f999a604350251f7cb9e87a9bf0e741d4c27a71add2f11eac73a0eb8e62f7e64369ef1
SSDEEP

384:GUk6i75Xi+vIICTbpQ3xqusQBUk6i75Xi+vIICTbpQ3xqusQ:Gf6i1S9YfBf6i1S9Yf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01ce4c105b8e1512471755fda905bd64_JaffaCakes118

Files

01ce4c105b8e1512471755fda905bd64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5626fcad77d812cd3aee8e13715093c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetProcAddress
GetStringTypeExA
GetTapeStatus
GetThreadContext
GetThreadTimes

msvcrt

_CIsinh
_setjmp
??_U@YAPAXI@Z
?name@type_info@@QBEPBDXZ
_Getdays

Sections

.text
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE