38be1595cc442446d7bf6c97dcfc075c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38be1595cc442446d7bf6c97dcfc075c_JaffaCakes118
Size

326KB
MD5

38be1595cc442446d7bf6c97dcfc075c
SHA1

6ccdbcffe86ff1c566cf317125729adfe1c7e7f7
SHA256

b04c5a6b8ac5c9f297079b5e0a26066f509efeb904ad304aa2adb45606ab78fe
SHA512

e02b3471c5e66600d0f71d2a43824d7c92e3ad56bbd28e0fc5fb67e2d58e27f41c5ebcc2ac59e15df42cc2101b565f0daa2a1dd22877ee96fe5f557ae6a555ca
SSDEEP

6144:fCP3eKO7iD3eszCBHQxOPtRh0IXfBvSlraYYxXbA2fCOWyfz40eomA7rsWugDCe:fC2KOOD3eszCBwsXeIPlwOnXbA2aDyrN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38be1595cc442446d7bf6c97dcfc075c_JaffaCakes118

Files

38be1595cc442446d7bf6c97dcfc075c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd8ef21008b97d7b2e0fe70e36fc99db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetTickCount
VirtualAlloc
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryW
LoadLibraryA
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 148KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ