0a297430de764a5e7427813dfc1ad056_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a297430de764a5e7427813dfc1ad056_JaffaCakes118
Size

83KB
MD5

0a297430de764a5e7427813dfc1ad056
SHA1

aafd000062482007a135a7f94329cae6897dd061
SHA256

9460c2949eacc8958eeb83965ae35ecc50d06795d987145defa3fb5b7d77ae04
SHA512

0178c0c15b2b5a4749df67ea45dc2fc0404063ae81e68b487b1b036c8877bb04f2f3e9805241ffe4d6d898ee3c36a00058c98ec98f859db998cfb2769e386dfd
SSDEEP

1536:nXtXOC6lPrHlsaKL6WDg1qL7D4shbjEErxTWDTMqhGKYIZTET8bDQ:2PrHFKezqL7DZBjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a297430de764a5e7427813dfc1ad056_JaffaCakes118

Files

0a297430de764a5e7427813dfc1ad056_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0a0a89d2702a0977eaf1b4a7297d096

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLinguistLangSize
GetFileSize
SetFirmwareEnvironmentVariableW
CopyFileW
SetCalendarInfoW
CreateProcessW
GetStringTypeExA
CopyFileW
TerminateProcess
WriteProfileSectionA
BuildCommDCBA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE