f510d802a386cf0ca8b5527463cd3e2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f510d802a386cf0ca8b5527463cd3e2a_JaffaCakes118
Size

76KB
MD5

f510d802a386cf0ca8b5527463cd3e2a
SHA1

80541090bb68a6fbca9a4224692fd10394d48f26
SHA256

35e51d93a9da9fd8edb46578a95364df7f607cbec73a18a1013b64a9e6ac5d97
SHA512

a64f804793ca1c4bacb69280418aaf5526ed28658a6ba160220806eb06a54c144a9c8f54a0c55d3c1d953f1ff31b258c1b761c3423718bb8fca57848a21891fe
SSDEEP

1536:ACwKX2Vg8iCe01YRPSDfwRYMGUqfHuWV5jEErxTWDTMqhGKYIZTET8x:ACwFa0KR68JaOU5jBkMqhGKZTbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f510d802a386cf0ca8b5527463cd3e2a_JaffaCakes118

Files

f510d802a386cf0ca8b5527463cd3e2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

deeac49583585812fe6642bba7f28b1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
AreFileApisANSI
GetThreadPriority
GetNextVDMCommand
FreeConsole
DeactivateActCtx
AttachConsole
SetCurrentDirectoryA
EncodePointer
WaitForSingleObjectEx
WriteFileEx
ShowConsoleCursor

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE