52a6207ce7c5e07a0b53b54b18426e30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52a6207ce7c5e07a0b53b54b18426e30_JaffaCakes118
Size

56KB
MD5

52a6207ce7c5e07a0b53b54b18426e30
SHA1

35b1398606715b32dba561855c3c2529dcb26fc2
SHA256

1055da4fb3c7a86eb4bc8f6d4de43ef043a2c9fcf5f83541fde2e9fb557817d2
SHA512

ca2114a607de11c1e6e8aed08bbc6a32009b2385be7e76d453c46ff940b440fd579ec1b9ed15726025f7f18a1969263a038e930e9028cbfd61d19a49d893a875
SSDEEP

1536:fmZpcotdQmGWQM5zpjBQEa8kberwW5fBxNNJ51l0dddo6J5h8W:fmZpjtdNPZ5z7Q8EW5fjNTLl0Zo6bWW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52a6207ce7c5e07a0b53b54b18426e30_JaffaCakes118

Files

52a6207ce7c5e07a0b53b54b18426e30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4d09c126d4061af4daeb3c3e3ecea26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
LocalReAlloc
GetThreadSelectorEntry
EnumCalendarInfoA
FillConsoleOutputCharacterW
InterlockedPopEntrySList
GetDllDirectoryW
SetNamedPipeHandleState
DebugBreakProcess
EnumSystemLanguageGroupsA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE