42fdea8806d5873903987a264b3f7cca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42fdea8806d5873903987a264b3f7cca_JaffaCakes118
Size

5.1MB
MD5

42fdea8806d5873903987a264b3f7cca
SHA1

64f04fbec82866fae86b721c596b84f615a9b663
SHA256

460a988065cd8134ecdeeaacc62fef64702c96025c81e49f6724d3a479852a60
SHA512

614d604e74d855fdef6e1410dc4db4a073092699fb7a6a6df4b75d0aef932d7c31257988aa43b36dca693eb57537d327ee7a604e728cf5abe8034608bffa0454
SSDEEP

98304:exEl4L7TLiinQyUHmbikcybCbOufPlCYWSAraZUJS3+jAkh+G6n:EUA7fi+QzHmbpDCqAPlCdxUQS3mj+G2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42fdea8806d5873903987a264b3f7cca_JaffaCakes118

Files

42fdea8806d5873903987a264b3f7cca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cb7a0741f72e351f4f06db65aa6c456f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AreFileApisANSI
ReleaseMutex
GetCurrentThreadId
GetModuleHandleA
GetProcAddress

Exports

Exports

?Ja3241270178212@@YGXPAXPAD@Z
?Jajs340982039412@@YGHPAXPAD@Z
?K333333aoo@@YGXPAXPAD@Z

Sections

142
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.1431
Size: 512B - Virtual size: 487B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.41442
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 473KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE