10e55105239c24d5fa5e27941af817fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10e55105239c24d5fa5e27941af817fc_JaffaCakes118
Size

80KB
MD5

10e55105239c24d5fa5e27941af817fc
SHA1

3fba4f2390ba7755987c6dc2f92cae5063399c79
SHA256

b5e20dbaf7477710fd91897f18096b31afd5c3fa55a6913b422a1ee2171d45b7
SHA512

45a7e5f71fe6298daa71d5f3d26cd117f038834bf70c421627b4c92aa1e3e86bf9b1691ef6ff1ff51ce1f777bddc5d1c2c5bf3e59c13393342de32fdad2860b4
SSDEEP

1536:41E0lHDSQIs6Q5hYVkto+zBPzZOxcpfuDWmLvEmd82hW8fPL:41E0hL56N2VO6pfuDpLsmd8vYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10e55105239c24d5fa5e27941af817fc_JaffaCakes118

Files

10e55105239c24d5fa5e27941af817fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc016bad74eb24f9666ef05bae82fb86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
RtlFillMemory
QueryPerformanceCounter
GetCurrentDirectoryA
GetVolumeNameForVolumeMountPointA
GetConsoleAliasesLengthA
GetCurrentDirectoryW
QueryPerformanceFrequency
GetTickCount
GetShortPathNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE