5fc4666e98f421b4d5b8af0b6aeb509d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fc4666e98f421b4d5b8af0b6aeb509d_JaffaCakes118
Size

212KB
MD5

5fc4666e98f421b4d5b8af0b6aeb509d
SHA1

05d6d97a3f740ccbc5f0410a15039fa2c5499651
SHA256

1ba91e30f163f7f14dc75cad3a7060bf91553abe697c08078e3463dcc6878609
SHA512

6a18739f545686121cfd48dcdd616c4e6a44170e2838e7d9a0c9482e6b71097c5a49310f91631d3e56f9c199c2b7996b63954feaee4c209d4c3312b91d708599
SSDEEP

3072:IXbIwQ8iYnKZkW+V+lc7+0gLL3QnQrAV/82IO2knluUNoLbcBTyqkkrnt5vEQIIu:MJI6W+glu+0goQrA185dkl32LUZqwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fc4666e98f421b4d5b8af0b6aeb509d_JaffaCakes118

Files

5fc4666e98f421b4d5b8af0b6aeb509d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ad2896ae77a4d8c538f4340c06659a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesA
SetCommConfig
GetConsoleCommandHistoryLengthW
WriteProcessMemory
AllocConsole
CancelTimerQueueTimer
MoveFileWithProgressA
GlobalDeleteAtom
Sleep
GetCurrentDirectoryA
IsBadHugeReadPtr
ReadConsoleA
CloseHandle
IsBadHugeWritePtr
MapViewOfFile
VirtualAlloc
SetThreadUILanguage
GetPriorityClass
CreateEventA
GetConsoleAliasExesW
WritePrivateProfileSectionA
EndUpdateResourceA
OpenJobObjectA
GetConsoleCommandHistoryLengthA
FindNextFileA
GetVersionExA
GetModuleHandleA
GetConsoleTitleA
GetProcessShutdownParameters

tapi32

lineAddProvider

Exports

Exports

WriteWjbcxvia
ReadOftswyn
Pvuscaj
Qafuktve
EndIocidkt
Ttdlymmv

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 76KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ