5f3bebbaac94a78b3f2ac62023bd2470_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f3bebbaac94a78b3f2ac62023bd2470_JaffaCakes118
Size

63KB
MD5

5f3bebbaac94a78b3f2ac62023bd2470
SHA1

f79af56b863fb15044bf808b6d3390f99c56ffc2
SHA256

fcc6a7f54ff3158d021b37a9f4121fc6ac0429ce6f0aa1c12ee3b059d9767258
SHA512

69f8cf9fc4e16cd2a650587523c1b5a01120a30b694988027d4a67831674d278e0c3b5882bac80a36088ceaf992316879b8a04bd641da200aa3bebd09fd9246c
SSDEEP

768:VG82so9hYo9fhDNgF2Zgyd42BkPIgcUIQoV4BbfNbqvbUgkJicEegTCuABWWwb6F:XG3gYQoeBzZosoTCnEAHuBRrzyVQm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f3bebbaac94a78b3f2ac62023bd2470_JaffaCakes118

Files

5f3bebbaac94a78b3f2ac62023bd2470_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce33135d3a8a7e9114ea64ebb8aa4167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleA
GetUserDefaultLCID
LocalSize
CopyFileW
SetComputerNameA
InterlockedExchange
LoadLibraryA
FindNextVolumeA
ReadConsoleA
GetLogicalDrives
GetCurrencyFormatA
CmdBatNotification

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE