f6d443858750a91cf0c37cb5f0a94518_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6d443858750a91cf0c37cb5f0a94518_JaffaCakes118
Size

30KB
MD5

f6d443858750a91cf0c37cb5f0a94518
SHA1

7871df653ec66a09829c644a05e948807fe5dd90
SHA256

b25753ccb70bf08dca10cbe563151ec682fb029e8978c466960bb0b3873cc441
SHA512

9e05c7584e214b2f39287816f7321c959927f9551b0c0466db06c29062b88cadcade35e22cbc2aeba0a85bfd70a43553aeb00da39137aa7dd38c2e43e471f1b7
SSDEEP

384:IAKgtbJk61UbO4XAhkOuHivD9XNBFrznEI0UR4fXokE6WgYbEc1ur24cc1QG89F8:IHgtV6iPhk8HkI0X/g82ZcyjgoTU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6d443858750a91cf0c37cb5f0a94518_JaffaCakes118

Files

f6d443858750a91cf0c37cb5f0a94518_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01895f6dcf3f6354b4809da74653fa5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GenerateConsoleCtrlEvent
GetSystemWindowsDirectoryW
VirtualFree
GetMailslotInfo
GetCurrentDirectoryW
GetCommTimeouts
SetConsoleKeyShortcuts
GlobalAddAtomA
GetModuleFileNameA
GetCurrentDirectoryW
VerLanguageNameA
EnumUILanguagesW
WaitNamedPipeW
SetConsoleMode
EnumSystemLocalesW
SetConsolePalette
GetVolumePathNameW
MapViewOfFileEx
UTUnRegister
ConsoleMenuControl
FindFirstFileW
SetProcessShutdownParameters
HeapFree
GetNamedPipeHandleStateA

Sections

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ