10d42c60ede3701aa64e223fd45d95ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10d42c60ede3701aa64e223fd45d95ab_JaffaCakes118
Size

63KB
MD5

10d42c60ede3701aa64e223fd45d95ab
SHA1

3ccccc87d08faf50b1e611e6143a1444ef5c6d0a
SHA256

be292410e35e4231bc366b4edeecbc7c9db84e08829f47505418f925bed36c78
SHA512

3c6e875cfe466788f2c7aaa77dfd726aab465694ab50c4ef39a74d5f31386a66602e860483d1d3d27d3a419000edb83674b09a7c9d637c77341ba6d182cd1239
SSDEEP

1536:y2K5jL5FaQyb8i0dULti28KPLbjrnYKob2wcnCWm4M:y2UjLDaQywi0dU5ljsb2dCWM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10d42c60ede3701aa64e223fd45d95ab_JaffaCakes118

Files

10d42c60ede3701aa64e223fd45d95ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

771f5fa48bcec295484671cedea8df0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumaAvailableMemory
GetProfileIntA
DuplicateHandle
FatalExit
CreateProcessInternalW
GetCurrencyFormatA
FreeEnvironmentStringsA
GetConsoleAliasesLengthA
GlobalMemoryStatus
ResumeThread
FileTimeToSystemTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE