134710c9257578c9e9b180658bd2adc4_JaffaCakes118 | Triage

Sharing

General

Target

134710c9257578c9e9b180658bd2adc4_JaffaCakes118
Size

1009KB
MD5

134710c9257578c9e9b180658bd2adc4
SHA1

3dfc0b0e4e60f66ab8f563f46e2422766b49d064
SHA256

0a1e789a10df40138ff0d4dc3e847af0cf2585df66906a179a81e66e83ee3e8e
SHA512

89f77fb29d8ffabb2936b3bff9d6096b62f046d3f547a9dc845b623b2abe77f1e45d6440aae58a9feea33b33cfba3b27a3433b9a41add39fb47709563787ca4f
SSDEEP

24576:PDeZ5o3hpPTTe/gx2Vjy5MJoq/C8ucqNgx0+/WS6w3:SZCPTTvxeuvGR/L6S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
134710c9257578c9e9b180658bd2adc4_JaffaCakes118

Files

134710c9257578c9e9b180658bd2adc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

400f7a688fc2acaebed7af5cdc03df41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringLen
DllUnregisterServer

kernel32

GetModuleHandleA
GetStartupInfoA
GetCurrentProcess
MultiByteToWideChar
InterlockedIncrement
ExitProcess
TerminateProcess

Sections

.text
Size: 842KB - Virtual size: 842KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.version
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ