119f00738b2b0b0dd08cdc4f4214fc68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

119f00738b2b0b0dd08cdc4f4214fc68_JaffaCakes118
Size

67KB
MD5

119f00738b2b0b0dd08cdc4f4214fc68
SHA1

f9df7dcf950fd30f7972d63e27d36b950cfae63c
SHA256

b34c522a5ebc52ee96c55aeb145a30520066ee92c7dc53d81da5e9828ada5d38
SHA512

4da0625dacc09ca56e9033de7c15d116caa7efd77eba4b02064e09d1836eaecdc46b777eb1be0805177df8c00b1d25c6a80e6fd520eb3d76df56a5ef5cd34b68
SSDEEP

1536:0zi4jBTVqVBF8GiJEyddDvHVV06ViNVj6GBLq95R629yQ6FTW03ZWOKGTK:0zi4jHqVBWGCEyddDfVVfi3+UFTW03hO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
119f00738b2b0b0dd08cdc4f4214fc68_JaffaCakes118

Files

119f00738b2b0b0dd08cdc4f4214fc68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26597a0b7dec3e2a480dea905dca1750

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExW
GetConsoleAliasA
lstrcmpA
GetDateFormatW
GetAtomNameW
FlushFileBuffers
SetWaitableTimer
CreateMutexA
CreateDirectoryA
CloseProfileUserMapping
Thread32Next
CancelWaitableTimer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE