042f64c31665970f19d44d177c47b0db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

042f64c31665970f19d44d177c47b0db_JaffaCakes118
Size

63KB
MD5

042f64c31665970f19d44d177c47b0db
SHA1

98681a96abd9e9aa2c027d161a98ff6544bf82d2
SHA256

ead7d0dc0bd1101213c6bfad841c1c21261bcbae85d5e780de2d30923afdad48
SHA512

b17a3cdc3d8299c698b6bdd2f38b10b830d3957c2adae2f61524cecd302cef6bc496c5cb21057a2cd501d771e04e100eef6a86b719a22ecedbc1ecde59cbb44f
SSDEEP

1536:s4SYlhkqBnB85D8qopu2l05XWM/kkU88VFJRlSJFqc:jvFnBADF920Pkft9Xc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
042f64c31665970f19d44d177c47b0db_JaffaCakes118

Files

042f64c31665970f19d44d177c47b0db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c25bb4b442b2afb1793cd7df312b885

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputW
FreeUserPhysicalPages
FindFirstVolumeMountPointW
WriteConsoleOutputW
UnregisterWait
CreateJobObjectA
LockFile
GetFileAttributesExW
UnlockFile
AllocConsole
FileTimeToLocalFileTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE