1462ca55470b3adbbe5f601bbf4559af_JaffaCakes118 | Triage

Sharing

General

Target

1462ca55470b3adbbe5f601bbf4559af_JaffaCakes118
Size

76KB
MD5

1462ca55470b3adbbe5f601bbf4559af
SHA1

c8e69f901349132fc5e283fcca35e1845cd14715
SHA256

d1e9b7ae7cd602458e4fcea3f7841214df675a413768b1637dc52e20599343f8
SHA512

c7618b46504149482cb1c2bece3e2a77f43dce817c81e0684a768889f00c29866ed8fdabadd992b1a0ce3405644b31081bb9a5240373239c7b3888603a90f13d
SSDEEP

1536:jbI9PcItNepTAF21CGSmyvhH4xdOgRipjVrs2ryrd1vUQuq6:gpt7IAF8WS8THs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1462ca55470b3adbbe5f601bbf4559af_JaffaCakes118

Files

1462ca55470b3adbbe5f601bbf4559af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18c58206d864d26701e4d4bf91ae7e98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
SetDefaultCommConfigW
RemoveLocalAlternateComputerNameA
RemoveDirectoryW
GetBinaryTypeW
ReadFileEx
SetFirmwareEnvironmentVariableW
CloseHandle
OpenThread
SetupComm
DecodeSystemPointer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE