5ba071ad82635fa1fac58e811b2f39de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ba071ad82635fa1fac58e811b2f39de_JaffaCakes118
Size

63KB
MD5

5ba071ad82635fa1fac58e811b2f39de
SHA1

6ec0257d86049968d40a121ced7d3ce1b2e7573b
SHA256

8907260982ae1721760c20ec89a92237f77ba54b47286c51ec45640f7e652c9a
SHA512

615631fe7ebd394606fbb345b7c77f276bb5cb145a60dad9d12dea415c24a20a37ec6a4c0f6bb9b9f8ec2254ef130ee020ec3f89ab930337f6ba92bf3db2c2e4
SSDEEP

1536:0v+ig1LkJl0s2cp9746Uc9phVyOR5+hNEyqz+n6+dL1ML4GSc+:Rig1AJl0sVXzUcTh1R5zKnFdK6b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba071ad82635fa1fac58e811b2f39de_JaffaCakes118

Files

5ba071ad82635fa1fac58e811b2f39de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

020793c8a65ed836a513f1937dfd5cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
SetSystemTimeAdjustment
ExitProcess
_lread
CreateProcessA
TransmitCommChar
ReadConsoleInputExA
GlobalFlags
Heap32Next
WriteTapemark
GlobalUnlock
GetTempFileNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE