827568f57373b89740186d3b94e62cbb_JaffaCakes118 | Triage

Sharing

General

Target

827568f57373b89740186d3b94e62cbb_JaffaCakes118
Size

56KB
MD5

827568f57373b89740186d3b94e62cbb
SHA1

5a92db3913836847d44d12282dc01e91d7c25063
SHA256

93ea6fbf04a8293bac2b3d1ae95cb8e2a20cfb06d1b1bb15d5b5b9cea8ed7036
SHA512

48f625d65e670ad7bd3f90e618b22eebe3f4376f975afd5d09ed850ffbbacaa77d28f310211c4512e4f36be48e7723f823bbc41d126364dd50f332d3e596bef5
SSDEEP

768:Ugk7had7GA0bdN7/Eb1pi2Rb94dEsZDFC1EE3+4B4E99vbY8b4nHKBI3J4BhrDQ:I3AIcIC4dEEDFou4OEzDNbe/QO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
827568f57373b89740186d3b94e62cbb_JaffaCakes118

Files

827568f57373b89740186d3b94e62cbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c93f2e010599e8073b58b777925ec9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserAPC
FormatMessageW
GetSystemTimeAsFileTime
RegisterConsoleIME
GetGeoInfoW
InterlockedDecrement
SetNamedPipeHandleState
BaseFlushAppcompatCache
GetStartupInfoA
IsBadStringPtrA
CreateJobObjectA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE