11994e6f909168082ea74db26d487ff7_JaffaCakes118 | Triage

Sharing

General

Target

11994e6f909168082ea74db26d487ff7_JaffaCakes118
Size

13KB
MD5

11994e6f909168082ea74db26d487ff7
SHA1

96512cd8fe8f2983355eb35822d9d60170ffc2ca
SHA256

abe26702beb25f20425e6bb07ca7186648c3fd708afdd822eb4f58d9519a4ac8
SHA512

8931531fecebf9894a3fcc541b13bb0250e7800d9d9fdb7225743d2030fd3cb74ba098cc4acc40a9bebc2e94f77f2a8a0ff4b5e9cdc4fe182f97f384279a73d1
SSDEEP

192:lygVkX7nqEDtSY2UA9TpawHxz9yxMTWDaUqePv/jhQ9NNaaf3a3RXE/JJRAUltNz:lYLZDFzD9DrqeHgqRXEB4UbNVk3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11994e6f909168082ea74db26d487ff7_JaffaCakes118

Files

11994e6f909168082ea74db26d487ff7_JaffaCakes118
.exe windows:1 windows x86 arch:x86

59bbd86d2fd53cab8b4f92aed718c588

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
EnterCriticalSection
ExitProcess
GetLastError
InitializeCriticalSectionAndSpinCount
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
lstrlenW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ