0ed4fa61826690a547b459b18c134bce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed4fa61826690a547b459b18c134bce_JaffaCakes118
Size

1.2MB
MD5

0ed4fa61826690a547b459b18c134bce
SHA1

160574ec5e17f4f1e5c67ab7c953213d19761ac7
SHA256

a01e6589fa2efd835287898910c7edb6be6519707933686f230329f5b20babad
SHA512

478e59eb18233032fba75fcdea86feac1962885333907a813877bfecaac8cb074e8d4961da4431b4f8995b5147c7e202332ede2c9ec90109d42bb3201f1ff42f
SSDEEP

12288:mKUdJNAnBFlAt32d2Gj7hs1d8UtkdT1MdwYt+ezSI:1U/yfOmUG8d8Ut8wkeeI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed4fa61826690a547b459b18c134bce_JaffaCakes118

Files

0ed4fa61826690a547b459b18c134bce_JaffaCakes118
.exe windows:65535 windows x86 arch:x86

d266caec701d31753cc424a17d4dea44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
VirtualProtect
GlobalAlloc
VirtualAlloc
GetDateFormatA

msvcrt

__set_app_type
__setusermatherr
__p__fmode
_except_handler3
_adjust_fdiv
__p__commode
_initterm

Sections

.text
Size: 60KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsr1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE