05c9dd6ab02852ff033f1d6ba4517ba2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05c9dd6ab02852ff033f1d6ba4517ba2_JaffaCakes118
Size

76KB
MD5

05c9dd6ab02852ff033f1d6ba4517ba2
SHA1

89e9a9373c8d121e3e147b40ff0ed300cee9ba2e
SHA256

ec803d199f31454d73f492386caf9bd95285523e743145895aa6ea5a43251eeb
SHA512

7b196450edcb2a2be0a2a8f4955d2c3a5c203fd17dc8a5309b0588994ef2154b2c9ae54b772f1f85b70f22ef44bd65b5e842b65cf67dbedd6e4c86e177ac44b6
SSDEEP

1536:+2CLCLCLCQCCv82xK41mNKjA5bRdb17+dCKWkaKm4/sbvz82hW8fPL9:yCCU2xK4ssjAZRV1CAK1aqsbvz8vYL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c9dd6ab02852ff033f1d6ba4517ba2_JaffaCakes118

Files

05c9dd6ab02852ff033f1d6ba4517ba2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d232934bc04c32e22feecaaa3132240

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseCleanupAppcompatCache
GetShortPathNameW
GetTempPathA
OpenJobObjectW
WriteConsoleOutputCharacterW
SetCurrentDirectoryW
GetVolumeNameForVolumeMountPointW
GetProcessPriorityBoost
lstrcpy
CreateWaitableTimerA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE