5c56c9f2fe216e82e2e44edac0a6c691_JaffaCakes118 | Triage

Sharing

General

Target

5c56c9f2fe216e82e2e44edac0a6c691_JaffaCakes118
Size

81KB
MD5

5c56c9f2fe216e82e2e44edac0a6c691
SHA1

f54090e1296a5ee34f9dffaa6a660a4a0d3289eb
SHA256

8aa142554c8f950bc191654aa382ebe7dbc4a71a45323dcc40a748ca489c6fc3
SHA512

0c5f7fc39189430cfb8d0ffb67543705bd5c9e2eeef58fa8bf064c172ee17eb8a042e13dc1f5bd5434d25a452d7e85745664c021b8a232502c2a7b9edbd10bb4
SSDEEP

1536:FJH4C3g6UMHW+3YBSKOUbncq5MdpeZ+sttwqJ+3:FmC3++B3Uwq8Qtw6+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c56c9f2fe216e82e2e44edac0a6c691_JaffaCakes118

Files

5c56c9f2fe216e82e2e44edac0a6c691_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b43646fe5948e62bca4f3a9563c8ca89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
CloseWindowStation

Exports

Exports

BeginGhivnlwjx
Nvleoqhyuq
Ngrhentdpp
InitRvwpuymqq
BeginLqofohctm
EndSawjxpfi
Cmjymwvue
Vnmlytjrxdf

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ