49156f5b075ed81f395d82692e0bb270_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49156f5b075ed81f395d82692e0bb270_JaffaCakes118
Size

83KB
MD5

49156f5b075ed81f395d82692e0bb270
SHA1

d3781eb83f4a77f7066f69bd1b1259b0fbeb7d68
SHA256

c64c5ed4371c24b08e0a4f637aa4c65c1b724423695c15c4489d4e2792520662
SHA512

3b7552b8df045dcbef0f21bce2d91eb0c3ffa485d0d053009282ae3cf50b4a1ec6ac3d8a550dfba274cc3a43a4ebf76bbfaf19271d151907c2b27026d47ea5c2
SSDEEP

1536:N2ShVNp2U64pleYaz+AaYZlOD+rBnocJypjVrs2ryrd1vUQuq3N:Xomle5zhENJHs2q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49156f5b075ed81f395d82692e0bb270_JaffaCakes118

Files

49156f5b075ed81f395d82692e0bb270_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63418b8dfb9a012e2d9d07b7d19352ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateConsoleScreenBuffer
ExitThread
BaseProcessInitPostImport
NlsGetCacheUpdateCount
CreateProcessInternalW
AddAtomW
IsValidLanguageGroup
DelayLoadFailureHook
OutputDebugStringA
SearchPathW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE