e83dd19dbc5029b87344bb9f4e2bdce8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e83dd19dbc5029b87344bb9f4e2bdce8_JaffaCakes118
Size

83KB
MD5

e83dd19dbc5029b87344bb9f4e2bdce8
SHA1

abe73d6eb96a915705dd3d6de622de3bee471232
SHA256

86fe7c070c4a8ab90200b19155c83d8f3d93b4b86f97917f20e5506d5320f72f
SHA512

3853fa51aa625449a3e1678f728842fd641431e6ba72d9cdeb8d13774cc583597c4749f57fc01ecd231292b0225470ae31d0c0867bc45f003ea2576e5be8f24b
SSDEEP

1536:JegjLDvPbqDgKV5UN68aoTMiOe3GiK5S5d0y+p1w0g4pjVrs2ryrd1vUQuqwcizz:0gjLDXbqDgl68amDPGiBdpMHs2quciu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e83dd19dbc5029b87344bb9f4e2bdce8_JaffaCakes118

Files

e83dd19dbc5029b87344bb9f4e2bdce8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cda26a7a0be6543ce51b6cf735c0798d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExA
RtlFillMemory
DosPathToSessionPathA
TransmitCommChar
EraseTape
lstrcmpiW
_llseek
GetProcessShutdownParameters
GetAtomNameA
WritePrivateProfileStructA
SetProcessDEPPolicy

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE