1a0ee691212b02a2487d1f1bd0987ecd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a0ee691212b02a2487d1f1bd0987ecd_JaffaCakes118
Size

11KB
MD5

1a0ee691212b02a2487d1f1bd0987ecd
SHA1

35efa96936b651afe1a553b9cae41c96bf7dd9c6
SHA256

739975a8358fad8e58820f30182a535c34bf38a897ae3f4a6d567f46b61bc62b
SHA512

47376b5dd4eeac3be11c76105736efbabef8972f31f56639c17cdbaad1d98250f95a0ee4e32145f44e15589086504635d53090cacd7ec2710c606c04bffe0afc
SSDEEP

192:97mTltbXv3TZiaztBhjhBFIOb4aBxNA0yLgCkUcc8/LBwRZizAqc:97mJJfIazLgObRBxNA2CkXccLKRZiS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a0ee691212b02a2487d1f1bd0987ecd_JaffaCakes118

Files

1a0ee691212b02a2487d1f1bd0987ecd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

029b7db3c5a39a4f0d868eaec69251ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputVDMA
GetStringTypeA
GetConsoleCommandHistoryA

user32

SendMessageTimeoutW
PostMessageW

gdi32

GetTextFaceA
LineDDA

Sections

.rsrc
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 327B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ