3b379db038f4fdb63d8c2e353db493c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b379db038f4fdb63d8c2e353db493c3_JaffaCakes118
Size

83KB
MD5

3b379db038f4fdb63d8c2e353db493c3
SHA1

6cc424cab3d8f092b1b93b35e2e485a881488f9a
SHA256

d21680a7590d686a1862625c1b68d979c54467b2633ba53eeca8c7ff26cfecee
SHA512

52726423d0c051ff0cfad362e3c4d8ebc373b12dd7d4ea62f80260f3afb34cf88b27e48ea8ce8eda16b037f2a4490a3257eb98342e292de02185e2d2248de496
SSDEEP

1536:RhMnem04Ed2cJRSPF4ROD+ipjVrs2ryrd1vUQuq3QXiY:RhMem0zd2cyeROJHs2qNQXiY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b379db038f4fdb63d8c2e353db493c3_JaffaCakes118

Files

3b379db038f4fdb63d8c2e353db493c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c18c3724b5fa8e5642441c657101394

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleNumberOfCommandsW
WriteConsoleOutputCharacterA
GetTickCount
GlobalAlloc
SetTermsrvAppInstallMode
SetConsoleMaximumWindowSize
CreateEventA
GetCurrentProcess
ReadConsoleInputW
GetComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE