3909f43703c5d57e709fe03329b5bcca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3909f43703c5d57e709fe03329b5bcca_JaffaCakes118
Size

56KB
MD5

3909f43703c5d57e709fe03329b5bcca
SHA1

6da7631713f792b01b172702f431ee501087b12a
SHA256

bafe32dfd4c098323d0d198cfa348a9b0ed79fbd18b10de2ec4d1120e142f07e
SHA512

e3675139aa97973e821547e10b5596b658ce0f21047f0dd6cb997ca9e4236b235a87ef31ef52417f766110610d6b36a265bab695e3a2da270c9a438867dc2095
SSDEEP

768:cvt5dEMC0xNMa+HD0WzbJdt1z1poWQ80DEq9qG8NfCAS44TqgFB7InNwE5Gnjrpr:KfyjSazGoC+4VB0ipjrtShJs3mTWB6Ib

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3909f43703c5d57e709fe03329b5bcca_JaffaCakes118

Files

3909f43703c5d57e709fe03329b5bcca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c72ca989b6220d99b6953f587285f95b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateHardLinkW
Process32FirstW
GetVolumePathNamesForVolumeNameW
CreateJobObjectA
VerifyVersionInfoA
BaseCleanupAppcompatCacheSupport
MoveFileExA
CreateNamedPipeW
SetEndOfFile
EnumerateLocalComputerNamesW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE