5a75eedfc6a29eef0237213551607928_JaffaCakes118 | Triage

Sharing

General

Target

5a75eedfc6a29eef0237213551607928_JaffaCakes118
Size

81KB
MD5

5a75eedfc6a29eef0237213551607928
SHA1

666ce02ab2e7676e2dad28e9b0f6aa1591aeef50
SHA256

1dfcda4867f4e2c9cf79b254d7b2ee3d4bfc5ae9e3b61a60fca5e201850aaeb0
SHA512

9909453544ec718f4cfd6b89f7ecd9996e64a120628c409765c31d8fca5aec6870a0595c662cddd2642ff5e642fdfdeac18f11e6b0897a2ee188bd42cb69676c
SSDEEP

1536:EPXXi56JnyZfsOmgu0RptD08lYzYu2MTz3TGfRcxeCkq:EPXXG69Gfseu0RplGzYpMTz3T+Rskq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a75eedfc6a29eef0237213551607928_JaffaCakes118

Files

5a75eedfc6a29eef0237213551607928_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b43646fe5948e62bca4f3a9563c8ca89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
CloseWindowStation

Exports

Exports

BeginOtcjjlsjbw
Ggddrhyvvf
Wjejslk
EndFejttgtq
CloseRxbngvdhbx
Rwimerf
Mqvtyksoyyx

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ