56895cfc119d408d06287c0b5a5ba4ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56895cfc119d408d06287c0b5a5ba4ef_JaffaCakes118
Size

490KB
MD5

56895cfc119d408d06287c0b5a5ba4ef
SHA1

085a6fbbb043ea1ce822c8bd4c6ce0b87cbec7d8
SHA256

eaba2498aa2da80955a2b58938e206a3efee506edc712916a45615b147656f75
SHA512

ac265e4edb82463092127b1d84d4882f6297359578da9e1325fae25cd49ad2c15196d7b97dcdc2310ffa66549dd1885081a39a84dd3c411ea287d7ed9f176241
SSDEEP

12288:3HIkPl/TIEcolqn8vg0CUfTPd9nZI4UQa:3oM7TcolO0T19nZq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56895cfc119d408d06287c0b5a5ba4ef_JaffaCakes118

Files

56895cfc119d408d06287c0b5a5ba4ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fdab3afd2f09099ad12d4a757df2dc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleW
WideCharToMultiByte
DeleteCriticalSection
GetCurrentProcess
CloseHandle
CreateFileW
GetLastError

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ