5b1e1534c828d398b0ae91820913911f_JaffaCakes118 | Triage

Sharing

General

Target

5b1e1534c828d398b0ae91820913911f_JaffaCakes118
Size

33KB
MD5

5b1e1534c828d398b0ae91820913911f
SHA1

77b9e6c9bed65e5611756cddb92eaad41b1ba110
SHA256

3653dab7ffff542a1d5e17c1eb5e7b706b691289f45f1fc4db48c5c6d6ae4095
SHA512

c4051ee32ff5c076259788bab0cf582e9492e5e8f5850ceb3a301c548dd9d9bca1b63e42116e39bbeed1010445bd218124928a9f33c9a2eb6e7d7a9aa0960a0c
SSDEEP

768:y2d8jt9SE99aHTPkPWP4a7pU1gWKd7Pqqqq+QQ9SxUEt3O:7stkZzrQepU9KlxUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1e1534c828d398b0ae91820913911f_JaffaCakes118

Files

5b1e1534c828d398b0ae91820913911f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

776e6e0613e8d0b21c9256e13d9aa1ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
SetConsoleCP
ReadConsoleOutputW
ExitProcess
ReadConsoleOutputA
CreateConsoleScreenBuffer
GetVolumePathNameA

dhcpsapi

DhcpAddServer
DhcpDeleteServer

dinput

DirectInputCreateW

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ