5bf5fcfa52799320e1f00197c536465e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bf5fcfa52799320e1f00197c536465e_JaffaCakes118
Size

5KB
MD5

5bf5fcfa52799320e1f00197c536465e
SHA1

0a9352dc4f6a88bd54c85ae20261daa4d1754708
SHA256

cf102043ced7eaedc68f63da204bb92eebac52658d990187808beb5aa1247551
SHA512

c0f4d80adb85ee127154abd81a2d348dca0bd7009174a29d3a37a43e4bbc15011f4643eb18dc352af4a6dc49b403a6504d8484681ff04ae1b89fa735d3023406
SSDEEP

96:bF+ta3rU6qUUkR5IFOHilCe/uvFM+Y3MFu:MOALkROFOHiTwjF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bf5fcfa52799320e1f00197c536465e_JaffaCakes118

Files

5bf5fcfa52799320e1f00197c536465e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0acfbd053d8aff1a7d03d6dd0a186ac1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
GetStdHandle
ReadConsoleA
SetConsoleMode
WriteConsoleA
ExitProcess

Sections

.text
Size: 1024B - Virtual size: 534B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ