0f41d542c75ea9d35512db44a5d236d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f41d542c75ea9d35512db44a5d236d0_JaffaCakes118
Size

62KB
MD5

0f41d542c75ea9d35512db44a5d236d0
SHA1

f3ff39c9c174c8d22eefb17b7455692d6068c7fe
SHA256

466855337e6e6270132217139ac0155a9100d60069be0bcf9001c98745301b5e
SHA512

f77e3700b7cea2c575861a6e637b2142be403b0b611efff952ebe6a934eb50cb5a7a1ca18d7b66d34f6c3faddc5be546991ada6ed0cda363ba2b5aa722e8cad1
SSDEEP

1536:RTdhXMe+npQHJda3ZhVQy/9JQSBu1tqGujJNj6JOH15YI1d0:RTdBj+pQYZjJQouTcNj2OHLYGd0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f41d542c75ea9d35512db44a5d236d0_JaffaCakes118

Files

0f41d542c75ea9d35512db44a5d236d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fab5565ca62c7a35e741f49d685e296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CheckNameLegalDOS8Dot3W
DeleteTimerQueueTimer
CopyFileExA
GetFullPathNameW
FindNextVolumeMountPointA
FindNextChangeNotification
GetComputerNameExW
BuildCommDCBAndTimeoutsA
FindFirstFileExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE