27ab43acea8cc2e56643892faddc6270_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27ab43acea8cc2e56643892faddc6270_JaffaCakes118
Size

86KB
MD5

27ab43acea8cc2e56643892faddc6270
SHA1

e804b142687404305c77fc19124e2161a978ab55
SHA256

1721760f3f14192af257927a66600e956a7e4d80589ecf94f473e0164a621726
SHA512

570bebf489019f4506e9ead0b8efb337830001afa1cce98511d5622a3d4bb37ebdc1765e623dd4453cd3d684d03d5b32643ad3dd60b857c910761b799d2589ff
SSDEEP

1536:aaoAyiUROSbPfv8vlzA4v87DO2xdUdORFjxbQ2nXmH2INf1BnJNP7dcjzXPeirZp:TdyiJSbPfWG4U7DLdbj21DNf1NjdGzXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ab43acea8cc2e56643892faddc6270_JaffaCakes118

Files

27ab43acea8cc2e56643892faddc6270_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ef3791db5f7502f4fe56b095e01f6e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
IsBadReadPtr
EnumDateFormatsExW
ReleaseSemaphore
GetVersionExW
AddAtomA
OpenMutexA
GetTimeFormatW
GetStringTypeExW
GetSystemDirectoryW
DosPathToSessionPathW
GetConsoleCharType

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE