0a3609b86385f6c7f2002dbce2e81746_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a3609b86385f6c7f2002dbce2e81746_JaffaCakes118
Size

83KB
MD5

0a3609b86385f6c7f2002dbce2e81746
SHA1

9f6a6657920a29f9b748dd59d4655310bb320207
SHA256

065fa6228f76e9ff679f88a694b4488c32fa349021f596210dfd14b12abd7f9a
SHA512

02bd9c394ab669a67ee869311adc1ebac6a9a3d159eeeccb43362df1fcfbd732ee186da5869d7beeed800b3d25b78317064c020042b857a689584d0bb1dc32db
SSDEEP

1536:i+iV8frGNmc6TUGSHJ6BmSBo1ddw+xHfLjEErxTWDTMqhGKYIZTET8bDQ:dlGL6TxuJ6BDqS+VLjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a3609b86385f6c7f2002dbce2e81746_JaffaCakes118

Files

0a3609b86385f6c7f2002dbce2e81746_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2027e9e0b3a3f5ba886c2f070193a9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterWaitForInputIdle
GetThreadTimes
IsWow64Process
GetProcessVersion
FindResourceA
IsValidCodePage
CreateDirectoryExA
HeapWalk
CreateFiber
OpenFile
SetFileShortNameA
GetDiskFreeSpaceExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE