0f0df79aa9fa0d1f3b71b1920d9f5920_JaffaCakes118 | Triage

Sharing

General

Target

0f0df79aa9fa0d1f3b71b1920d9f5920_JaffaCakes118
Size

1.1MB
MD5

0f0df79aa9fa0d1f3b71b1920d9f5920
SHA1

9ba89608fe6c2fd838d1ef546230aaa25d69348f
SHA256

ad1f91dc4697b44471509dbf4b1d67e1ce5ca84969be0f04b925777a84bcb552
SHA512

79bc645bf59c7676f801ac739e2b4d62737277df4c4f0330c0dcfe97d4aa2a1c6a29ccbb55cab8ce5da1062316c11fd6b75c7f2a6ae2a76140dac8cdf3324d0e
SSDEEP

24576:yPbK578hVHi5BZDwPw217Lzf2Q87KL08pGNL4:QiIhKQ4i7LlXo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0df79aa9fa0d1f3b71b1920d9f5920_JaffaCakes118

Files

0f0df79aa9fa0d1f3b71b1920d9f5920_JaffaCakes118
.exe windows:8 windows x86 arch:x86

064a954cfb804da07d5c14a6116cdf8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetHandleInformation
GetCurrentThread
HeapDestroy
VirtualFree
VirtualAlloc
HeapAlloc
SetThreadExecutionState
HeapCreate
HeapQueryInformation
CreateThread
GetCurrentProcessId
OpenProcess
SetThreadPriority
HeapFree
SetHandleInformation

Sections

.text
Size: 1018KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ