010b11722456d1975baf619c2763fdf4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

010b11722456d1975baf619c2763fdf4_JaffaCakes118
Size

24KB
MD5

010b11722456d1975baf619c2763fdf4
SHA1

0343fbe60286952422d53709194f27dfcab60013
SHA256

57823a09b0ced868701b919ecb884b2e648780b615b6692952c57cecfe62b634
SHA512

8bbe47369a433a43f9b8153b63bb09a7e722d20f552b27fa3801b8bbc8d91fbb30c841435ae8f64b89ec14c2d85113c4ee7c7a8a952c0cd8a449f6f046cd6319
SSDEEP

384:8LEEEEzEkADvm0nZUG6qKxQu+wQTE4pyznIUZXNtf5CgM2njLt+cDZqJg3YcbKb8:4A7moD6qKxQujQTEMiXNJo8vAOqJg3MK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
010b11722456d1975baf619c2763fdf4_JaffaCakes118

Files

010b11722456d1975baf619c2763fdf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccdeddc5c245953382b828f8d9492304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileScatter
GlobalUnlock
GetCalendarInfoA
Module32Next
GetLogicalDriveStringsW
HeapSize
DeleteFileW
GetLongPathNameW
ReadConsoleInputA
SetConsoleCommandHistoryMode
ClearCommError

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE