65977f0b5476b257790a68ccfd7bdc8e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65977f0b5476b257790a68ccfd7bdc8e_JaffaCakes118
Size

63KB
MD5

65977f0b5476b257790a68ccfd7bdc8e
SHA1

b7f5f2e9e9077434053788d62d17184416d3453f
SHA256

2f0e67385d5bd00ff5a6478b1018c686ac917f04a854e6a882e4332966bfbf17
SHA512

0812fe47340a818dcb26ae3c2387fc53104e5218ea992b316a6870e4282a8049a4752a388f813ede7c567ea62671665301e88a8368feb3b0bd2e6d95d6f0529e
SSDEEP

1536:iEitkDZqIizAXYK8kQM7QnFwUoUHcno/bso:iHkDpHFv7PUHcn+bt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65977f0b5476b257790a68ccfd7bdc8e_JaffaCakes118

Files

65977f0b5476b257790a68ccfd7bdc8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ed74de3c34bcc4bf36a009e43c0a23e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleScreenBufferSize
MoveFileExW
OpenProfileUserMapping
GetPrivateProfileStructW
CommConfigDialogW
OpenProcess
ReadConsoleW
GetPrivateProfileStringW
GetProcAddress
CompareStringA
GetSystemWindowsDirectoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE