556c160f42aec7763e4ef55925640dda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

556c160f42aec7763e4ef55925640dda_JaffaCakes118
Size

86KB
MD5

556c160f42aec7763e4ef55925640dda
SHA1

a4776ce1d06491e2817e4ddc6dfa426dcdf6d80e
SHA256

881b5a997d345ee2774aa198efa8c9909661c876d4cdccad53395282a233794c
SHA512

19a738cee7609b8583596205f8cbb9dbe28a52168457ab79c063dbf8536f9dceb3a3da03d7483d146012f6865ab248536b692aa2aa92b3b9358251f967185155
SSDEEP

1536:MgjbTWUnw2fnWLWzEzT+XILPFXEXz0/wmH757Nf1BnJNP7dcf7T61s5Varlj:7jbCUw2fWtzqg0A/757Nf1Njdw7T2cV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
556c160f42aec7763e4ef55925640dda_JaffaCakes118

Files

556c160f42aec7763e4ef55925640dda_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ad0c0cf346d8ff37ccd195957757a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DelayLoadFailureHook
GetCalendarInfoW
BaseDumpAppcompatCache
SetDefaultCommConfigW
GetConsoleCP
NumaVirtualQueryNode
GetStartupInfoW
GetProfileIntW
SystemTimeToFileTime
SetLastError
OpenEventA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE