091535b8964e17a49e49e9573dc60440_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

091535b8964e17a49e49e9573dc60440_JaffaCakes118
Size

134KB
MD5

091535b8964e17a49e49e9573dc60440
SHA1

128111769eae010b32a3ff045a5dbecb868426c3
SHA256

b6f3dfb40a43064622a9ec4f3aad529aec28d952edff40b77cae165ef054381f
SHA512

4e5cd1a6e544c0f84fccb5b1a446168b58998b2c808260958a1049196ba146ef255e7f743d1370d36832381dd03f93a171762d56aabaef97ab6d5d9e1f8a230b
SSDEEP

3072:Z7IaioisS02fGZ3xGesJAFlQz0QGysM2stF11+vzh:Z7IaioL2+BIDJALkGyrtF1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
091535b8964e17a49e49e9573dc60440_JaffaCakes118

Files

091535b8964e17a49e49e9573dc60440_JaffaCakes118
.exe windows:4 windows x86 arch:x86

195c3d0dfdac2782eb4c6a64be5642aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WaitForSingleObject
CreateThread
LoadLibraryA
GetTickCount
GetProcAddress
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
GetProcessHeap

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ