5ae4305eab4722687e7572c2b7bfdc24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ae4305eab4722687e7572c2b7bfdc24_JaffaCakes118
Size

83KB
MD5

5ae4305eab4722687e7572c2b7bfdc24
SHA1

87822f7352b33d960b6bb34d727d94ae8cee3e92
SHA256

5bf99f1c868073ae294bcf39f3abfb3bcbe161e7f7184f7fd27945e267baa650
SHA512

86d39c436c44f64c18a81394a83ed2d1adb66182bcb94a7a42e031cb858d4cff96ce603f68180b6c859b93a1cddf6ff83e6c71e43783bc11602f3f57dde90927
SSDEEP

1536:GP6/wGqIUSCzVDBetbmCED1mcMg1+DE9lkvvB5kPeHvSL77tMShQkL62taDabCZD:G1hsSTE4TQ3wOV/LjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ae4305eab4722687e7572c2b7bfdc24_JaffaCakes118

Files

5ae4305eab4722687e7572c2b7bfdc24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e50cb57ec256cfc1b006f5425744236

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32NextW
FillConsoleOutputCharacterA
GetFileInformationByHandle
LocalFileTimeToFileTime
EnumResourceNamesA
Process32FirstW
SetDllDirectoryA
CreateThread
lstrcmpW
GetConsoleAliasA
AreFileApisANSI

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE