4051e58abf4fac7e3b2bb5d094c49fe8_JaffaCakes118 | Triage

Sharing

General

Target

4051e58abf4fac7e3b2bb5d094c49fe8_JaffaCakes118
Size

56KB
MD5

4051e58abf4fac7e3b2bb5d094c49fe8
SHA1

61a564fba48b5f5bdbb14f5cae2bba2efd33c598
SHA256

ee3dba48cd052c300d7db089305e3eb55d1fe4b9e0c681295cc6fc23f4bbbd62
SHA512

c599960cf040e50b414dd10e14b24e96f7c66ad2ed7a4973ff888e47e4f874dc0fd17221836ae0f066681081e88826a66d27ec3e3c22da26155fa26085838ca2
SSDEEP

1536:1Qr40gukKxEpcBBUUKyS1YEwJEthXtpKPc34J:1I47ZKacBBUUWgJUtpacY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4051e58abf4fac7e3b2bb5d094c49fe8_JaffaCakes118

Files

4051e58abf4fac7e3b2bb5d094c49fe8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd60703d0cc4261d26f853306fb9c38b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreA
GetConsoleSelectionInfo
LocalReAlloc
GetDiskFreeSpaceExW
GetProfileIntA
GetVolumePathNameW
BaseFlushAppcompatCache
LoadLibraryW
WritePrivateProfileStructA
SetVolumeMountPointA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE