095b5dc2b526465b817ce6a14f84de50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

095b5dc2b526465b817ce6a14f84de50_JaffaCakes118
Size

303KB
MD5

095b5dc2b526465b817ce6a14f84de50
SHA1

2e9acc1d5e57e77fc9098f59fe5268342b788562
SHA256

031f06bb0d9a450aac3f8856dae7c70c3e0d004a2e8e7a59f49c3543916c425e
SHA512

b7ecc20b8549bbf8db980c19f472e035f969a0cd77bc44352011ebac7edf464e72c0ebb7868f2954ac62d6656cc793889f72c2fe0b9e99e36cfafa733cfa6228
SSDEEP

6144:4rqfO//t0SFC8n8u8hAp10gqmnNMjuUD7lwhFHC7cpnJ82gJG+znNbWLH62D+6:IqfOtr50+p1smnN+72FHC6J8rJGYYLa6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
095b5dc2b526465b817ce6a14f84de50_JaffaCakes118

Files

095b5dc2b526465b817ce6a14f84de50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a7830dd288cd5245017b5c55c7df1a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrcmpW
GetFullPathNameA
OpenMutexA
lstrcmpiW
GetModuleHandleA
GetDiskFreeSpaceW
ReleaseSemaphore
CloseHandle
GetVolumePathNameA
GetConsoleTitleA
WaitForMultipleObjects
GetFullPathNameA
GetPrivateProfileSectionW
HeapCreate
LoadLibraryA
CreateDirectoryW
GetFileAttributesW
CloseHandle
GetEnvironmentVariableA
GetCurrentDirectoryA
GetExitCodeThread
CreateEventW

certmgr

DllUnregisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.zdata
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ