33bd19f0140fd64e6887d0bff98caae9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33bd19f0140fd64e6887d0bff98caae9_JaffaCakes118
Size

83KB
MD5

33bd19f0140fd64e6887d0bff98caae9
SHA1

a9781443d6a91fa14448fc2b6f35655ccb89f775
SHA256

05753df96fd8d6abec6008c1ffd0765d3db0d9c305b4810b3409d448cf28f1c7
SHA512

405c6bb138c521cfe8711cbb9457381080b1a0b2b126afaed49c852050e1499a53c95b4222929012e406b896917b560cd10baab13b1cfa866dbb62299d16ee2c
SSDEEP

1536:7GNGYrvbOb6v2+Tv8vDiwHSg55VBDg6fCAyMJeK97xjEErxTWDTMqhGKYIZTET8B:SNrrvbkyr8L7dVK6qAPQIxjBkMqhGKZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33bd19f0140fd64e6887d0bff98caae9_JaffaCakes118

Files

33bd19f0140fd64e6887d0bff98caae9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb07303765d3a800c3688eb09f07d9a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsW
ReadConsoleOutputA
FindNextVolumeMountPointW
GetSystemTimeAdjustment
IsProcessorFeaturePresent
BeginUpdateResourceW
SetComputerNameW
TrimVirtualBuffer
ResetEvent
CreateFileMappingA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE