162cce9e3f96d6febdab8c12e19558a8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

162cce9e3f96d6febdab8c12e19558a8_JaffaCakes118
Size

83KB
MD5

162cce9e3f96d6febdab8c12e19558a8
SHA1

3d572c0ad4964fa954ebc89251f38262e5e112fa
SHA256

6e0bc37306a51103e6e7503950b6046bb97c86df3f266af20a8712779c37c422
SHA512

9b85ce6064e792be730fc2c83813d4adb3ef2b2b6471e07cc87a99ec6faeac7dc9f68e32ad483b2fb500b1130a35890d7c8bdf46847b546f91252301ce0f0ac9
SSDEEP

1536:7ZxL88lIHYMrWXP3ksaVn0lk83jEErxTWDTMqhGKYIZTET8bDQ:XjShr4KOhjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
162cce9e3f96d6febdab8c12e19558a8_JaffaCakes118

Files

162cce9e3f96d6febdab8c12e19558a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc2d71faa6498b0dc821c15c36142f67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCriticalSectionSpinCount
OpenFile
GetCurrentActCtx
ValidateLocale
DeactivateActCtx
SetCommState
GetBinaryTypeW
GetLogicalDriveStringsA
SetLocaleInfoA
SetConsoleInputExeNameA
CreateProcessInternalW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE