09e185f603811a416c99f935d2e51d7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09e185f603811a416c99f935d2e51d7b_JaffaCakes118
Size

80KB
MD5

09e185f603811a416c99f935d2e51d7b
SHA1

1c5149f73cd08b641bda77104333c8b5125d1283
SHA256

94712a61493cd05adfe6ab2d7f5a8619c8827aae13b63e3d83d4caf0f9ce0100
SHA512

5a3710fd73117ff845cdf0763402935cd1479f4e0e7d8c733d68ec9b26bc6fa6b8281dd4419632806d2195477a9ca11a5436ce25eec727f53738338ed36017d9
SSDEEP

1536:OAOxset7dZMlv3BWH1ok6kC2JAQ8i4jBGw82hW8fPL:ODxRVrMl/ML82SQ2Z8vYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e185f603811a416c99f935d2e51d7b_JaffaCakes118

Files

09e185f603811a416c99f935d2e51d7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3aabdde4a754d8f89e58c07f159e09a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleContext
GetSystemDefaultLCID
SetVolumeMountPointW
UTUnRegister
RemoveLocalAlternateComputerNameW
GetCurrentConsoleFont
_lclose
QueueUserAPC
GetProcessWorkingSetSize
Thread32Next
GetCommProperties

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE