409e52d5737e40d446dc39925515eac9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

409e52d5737e40d446dc39925515eac9_JaffaCakes118
Size

25KB
MD5

409e52d5737e40d446dc39925515eac9
SHA1

186f7f641ac520a6fd6f11daaf23ebfa1aac19e5
SHA256

2311404eef07bdf0dddf6e72f98d8a169d9d0e9aa3f727bf449f04465087e52f
SHA512

c1b9d7b65af7ef47d72b67a494a0b0b25fb6d1a4c69009c59c6013624cb4f19966b72e64da8813c61e16927c7eb8e55d6d2b460fde3e192c51b23d1750ad11c0
SSDEEP

768:LCV3NAAfc4cAwww9YMHRC/jdn02NI3K58Dkr/r3i7b+9ti:L+dAITN+s8or/Kb+9ti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409e52d5737e40d446dc39925515eac9_JaffaCakes118

Files

409e52d5737e40d446dc39925515eac9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45a3534809229d6a17811e166757b9b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
BuildCommDCBAndTimeoutsA
SignalObjectAndWait
SetCommTimeouts
FatalAppExitA
lstrcpynA
SearchPathA
HeapCompact
SetFileAttributesA
FindNextFileA
Module32NextW
GetNumaProcessorMap

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE