610c11f9dd1b95d3c31a3b5cdd1074eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

610c11f9dd1b95d3c31a3b5cdd1074eb_JaffaCakes118
Size

67KB
MD5

610c11f9dd1b95d3c31a3b5cdd1074eb
SHA1

61818bd967e73d2088e5777ce70fb6a8de818a62
SHA256

3390de37f8191740e3f03b6c89cc33386cdea4f68088474156409e2aa4605928
SHA512

ba3f43f4988b6069daaf2ecdf3b5581d04bde48708f8954e1eabb9ba17d39b0437bd55ab3b85ad6aaaf2ca86b99a34c55f101e6cc257fdc4730a8509f326c797
SSDEEP

1536:bctHuH4jJYCA48vSqeA5eK5JQl1E5934IJkqRas1ChGVSK:SOH4jJJAvSq95f5JQl1O9IsAhzK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610c11f9dd1b95d3c31a3b5cdd1074eb_JaffaCakes118

Files

610c11f9dd1b95d3c31a3b5cdd1074eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bf5f9f664799a827e786625a948fa29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosPathToSessionPathA
VirtualUnlock
CreateVirtualBuffer
IsValidLanguageGroup
GetHandleContext
SizeofResource
SetTapeParameters
VerifyVersionInfoW
GetPrivateProfileIntA
GetConsoleOutputCP
SearchPathA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE