5bae2bf653d815458e84832899dc7460_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bae2bf653d815458e84832899dc7460_JaffaCakes118
Size

66KB
MD5

5bae2bf653d815458e84832899dc7460
SHA1

17986eef9806b5df6aeb9281de415b6abe5d64c2
SHA256

e46bf836f6fc0274d045d5522cb50ffe861ef9ff17faf0d5f4f47bdce32f6b57
SHA512

09cb74119b8ba434720fbce428d60c093f027258691e088b44d1388a5897af47f0cfdea303f424ca632c8778c956bc7cc772de55f4bc898cdc736b56542feefb
SSDEEP

1536:MSSLnF5pIzGUPVBIqyzw1yD2yMduuWd2NIWLY6PMU4F/Yzk5hiF2:bS7F59wVBIqyv2UMvLYhU4V5hI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bae2bf653d815458e84832899dc7460_JaffaCakes118

Files

5bae2bf653d815458e84832899dc7460_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2698a466939dc01845485d67a387a56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelW
AddLocalAlternateComputerNameA
GlobalFlags
QueueUserWorkItem
UnlockFileEx
VerSetConditionMask
ReadConsoleOutputAttribute
WritePrivateProfileStructA
SetTapeParameters
SetTermsrvAppInstallMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE