03f5050748763f1d72724e9ee43e23ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03f5050748763f1d72724e9ee43e23ab_JaffaCakes118
Size

66KB
MD5

03f5050748763f1d72724e9ee43e23ab
SHA1

a15330fe797e8334254cc74d5db087c0a604e634
SHA256

a21780b92d4cb510d6df2db92c1b6b95ddbb30e8d191f7c93ab5e72541a67e78
SHA512

0f496353dedf3a881c5912f70d167d8497f6759e51a67bf12c2f2ec9154b0707b19af56edfa47346dbd5b89d54cdb07300ebbe26bbc898bdf96e7b30395340c7
SSDEEP

1536:PS23jPrNylh+Q0xxdluQH/Xs4csn/PFWqHDntb8UHm08dB:PhjjAlhXozXs83bDtb8UHjC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f5050748763f1d72724e9ee43e23ab_JaffaCakes118

Files

03f5050748763f1d72724e9ee43e23ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b778f479c8e6bf9962ce4de841283b73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumaProcessorNode
ReleaseActCtx
SetComputerNameExA
RemoveDirectoryA
GlobalReAlloc
GetCalendarInfoA
GetFileAttributesExW
WinExec
ReadFileEx
FreeConsole
LZCreateFileW
DeleteVolumeMountPointW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE