6363f639b7af3313b81fcbfa3ad801ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6363f639b7af3313b81fcbfa3ad801ab_JaffaCakes118
Size

62KB
MD5

6363f639b7af3313b81fcbfa3ad801ab
SHA1

482e4d2c5c3a05b0e0e7b8d827d818e5b46365bc
SHA256

f3a6c153331ec14ef33f4e994f1a60a5d51084ba0e89bdf50cacac5546746d46
SHA512

70b5cb16ff90192859448688d0b73579da6111448b64ba74e3be79cb3116ac51d7c95fb4223e8310562f5aecae1b45c8e6345466cbefdd5079af32927bcee685
SSDEEP

1536:auilKHoVZWIlxPyc2MSIUEuqR02SsRuHOFVpES/t9IOq:ax8HoiIvXSIj7i9fHACS/DIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6363f639b7af3313b81fcbfa3ad801ab_JaffaCakes118

Files

6363f639b7af3313b81fcbfa3ad801ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b2e27f75f19abdc3a460c37cc59b09c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetConsoleAliasExesA
LocalUnlock
LoadLibraryA
GetSystemDefaultLangID
SetConsoleCursor
ScrollConsoleScreenBufferW
GetNumaProcessorMap
EndUpdateResourceW
GetEnvironmentStrings

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE