109218db9cb3309cefe86fc96b16d5df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

109218db9cb3309cefe86fc96b16d5df_JaffaCakes118
Size

76KB
MD5

109218db9cb3309cefe86fc96b16d5df
SHA1

094b215cdcdf5c6aa9f5dab5524cd1a7f7907c52
SHA256

de3f402fe513b2aebcb4cd8da88c18bead94812eaad1fbcf7f5ec142cba01bae
SHA512

a0e00db97623ebccf5f11d4d0ad43dbc8b12faea3f0b2a125a4cfbb23a8748abf23ee00666bd1d722f0fe6d65a3f28184036aebdf8566af88dadc99221cfcd5d
SSDEEP

1536:uSCCCzM5/PKYa3fYkDXszYrRKyvuIpjVrs2ryrd1vUQuq6:uSCCCg5/SFPYkDXGYrXWIHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109218db9cb3309cefe86fc96b16d5df_JaffaCakes118

Files

109218db9cb3309cefe86fc96b16d5df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b8beb20f26081c98b6ec216766fd2ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNameW
CreateMutexA
SetCriticalSectionSpinCount
RaiseException
ReplaceFileA
OpenWaitableTimerW
HeapSize
FreeLibraryAndExitThread
DeleteFiber
SetCurrentDirectoryW
EscapeCommFunction

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE