4033d83665427c64997e9c6692a41af5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4033d83665427c64997e9c6692a41af5_JaffaCakes118
Size

108KB
MD5

4033d83665427c64997e9c6692a41af5
SHA1

67c08d23df5dbd229176d93ad25875d1d03a3441
SHA256

4a0bf4adb448cf17751d04c7adbb2533b928924c3a250dbbf150394bbebe5d5e
SHA512

59ddc0ece26c6e30bd81b4e13d49cb5448b4289e81ae0982edf06488095f05a34987d1414b162ed400756366ac7c8bc5d6d6debe6e3813cc69dd911e056e2b6a
SSDEEP

1536:jsHxqwFHCN59ijMi2Sg2pDteYgvyPCT0jm0wgK5Om07gK5hXRJd:jOHO7iF2Sx0PIm0Frm0UKXR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4033d83665427c64997e9c6692a41af5_JaffaCakes118

Files

4033d83665427c64997e9c6692a41af5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c148ca5ccd4663888bf897d7d1457d9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCommandHistoryA
CopyLZFile
IsProcessorFeaturePresent
NlsGetCacheUpdateCount
VerSetConditionMask
Module32Next
InterlockedCompareExchange
GetConsoleProcessList
RequestWakeupLatency
GetUserDefaultUILanguage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 94KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE