02ad4b1cfb203334db0d7d79515c40dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02ad4b1cfb203334db0d7d79515c40dd_JaffaCakes118
Size

76KB
MD5

02ad4b1cfb203334db0d7d79515c40dd
SHA1

98008f4de2a2f7d77c8da781db8a68801f01d796
SHA256

8023058d5aabb5f5388a725034021c29b59a98964c261e414c8f70638579df41
SHA512

61fc0af4c1341a90355b8cb452e9d9935b84e5bcc5d754c4d983806702727ec19eedb935788d463418ffa514ced14d5d0c1991cd269f68637aa5e7f811dbc00b
SSDEEP

1536:6TqrLntTbGEJRm21kxIyeFf/WO/8/DaWpXy9a8pjVrs2ryrd1vUQuq6:Nn7X+psdZWpX2a8Hs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02ad4b1cfb203334db0d7d79515c40dd_JaffaCakes118

Files

02ad4b1cfb203334db0d7d79515c40dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78dc6bfd4425acacc9a9e2a34bda5d85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CheckRemoteDebuggerPresent
lstrcatW
GetProcessShutdownParameters
MoveFileExW
ExpungeConsoleCommandHistoryA
HeapSetInformation
CreateDirectoryA
GetSystemRegistryQuota
GetWindowsDirectoryW
SetFileShortNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE