03c469767314dc878ad4f1c1ecced12c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03c469767314dc878ad4f1c1ecced12c_JaffaCakes118
Size

83KB
MD5

03c469767314dc878ad4f1c1ecced12c
SHA1

a1686b848131140a33c0dc8b9fcf04b95936d684
SHA256

46caa136b82dad4009d08ae976c8daa5f0d3f584bd180713cda810fd2aff0a0e
SHA512

0f48cf9c4d620f4817c1f01d0fce677fdf21d8a774c6c6c1c136db94dba1a697aa1d5efc2065e05a3e7939b30c567b3775f6d017f8701c668675a5f1e7850ed2
SSDEEP

1536:aTkVHTY43NzDd/rOGRKd06aQ3S515n7/ic/uCidJtZ3//ujEErxTWDTMqhGKYIZD:9aqBrVa7341x//jidJLOjBkMqhGKZTb7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03c469767314dc878ad4f1c1ecced12c_JaffaCakes118

Files

03c469767314dc878ad4f1c1ecced12c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0cc6e103219ca9ab66d9d58dfc58895

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDosDeviceW
Process32FirstW
GetSystemPowerStatus
GetSystemWindowsDirectoryW
SetCommConfig
GetOverlappedResult
GetLongPathNameA
VirtualQueryEx
WriteProfileStringW
SetConsoleNumberOfCommandsW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE