5bdab173c2cefe304be10e2b02c6c06a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bdab173c2cefe304be10e2b02c6c06a_JaffaCakes118
Size

192KB
MD5

5bdab173c2cefe304be10e2b02c6c06a
SHA1

ac33f88ab038c1c508ea9cc09b31f6f2e03a92db
SHA256

2d5b3b30de53689f55a0fd2e4026fac75fd901f3dfda9f3d80b26a9dbd2dc06d
SHA512

155d657086f39bde1161e316bb805b0f796de5e5e957180c43598f8cf014c9553aa8d2d91ce32850357ba7dcd3bef1e49ad0c91cc0355806a72a0407c6601a3e
SSDEEP

3072:0B+sOv/bGyhnnELX/aXcTOrkOKAUiYHPs1h2hDuoVkbbvchmF8+0NWTRwNka:0ETnbGyxEbhTJOKAQkUI7ubq1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bdab173c2cefe304be10e2b02c6c06a_JaffaCakes118

Files

5bdab173c2cefe304be10e2b02c6c06a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41909f5986c3e2ccfd8f5b52bfe87640

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeviceIoControl
GetCommandLineA
GetCurrentDirectoryA
GetConsoleAliasA
VirtualAlloc
GetSystemDirectoryA
GlobalHandle
GetNumberOfConsoleFonts
GetCommMask
SetConsoleInputExeNameA
GetTimeFormatA
GlobalAddAtomA
GetThreadTimes
CopyFileA
SetFilePointerEx
QueryPerformanceCounter
GetCurrencyFormatA
DeleteTimerQueueTimer
WriteConsoleOutputA
GetCommandLineA
InterlockedExchange
DeviceIoControl
WriteProfileStringA
DeleteTimerQueue
ExitProcess
GetVolumePathNameA
CreateFileA
AddConsoleAliasA
QueueUserWorkItem
LZCloseFile

ws2_32

send

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ