125945f010ea0cc2f8b8f840c4dd0b80_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

125945f010ea0cc2f8b8f840c4dd0b80_JaffaCakes118
Size

16KB
MD5

125945f010ea0cc2f8b8f840c4dd0b80
SHA1

d2186c60250a93be0106850dde68c5c214425de9
SHA256

32dcd2f4713bbfa5c66d2ac0f00dc743aa1d331d3b3db52db4a6f94ce1fa51d5
SHA512

9ffd7657bcecb20cadf280fb4743ad4598fa69e3add4b4cb694d65014c581307550d4149c879b6e91490c56b3f76f7296a1863017abe21adef56cb82ce4206c8
SSDEEP

384:ngH4oqiWJl1RE8vPvpOOoBdRigAADFiV7p7uK:gYpl1RRYO6RigAADQV7t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
125945f010ea0cc2f8b8f840c4dd0b80_JaffaCakes118

Files

125945f010ea0cc2f8b8f840c4dd0b80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70a3a28c4167df770f8b82a0f33b0380

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile
VirtualAllocEx
ExitThread
UnlockFileEx
ReadFileScatter
UnlockFile
GetCurrentActCtx

dsound

DirectSoundFullDuplexCreate

tapi32

lineAddToConference

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ