674759d9ee26dceb7885b82f54d09fa1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

674759d9ee26dceb7885b82f54d09fa1_JaffaCakes118
Size

84KB
MD5

674759d9ee26dceb7885b82f54d09fa1
SHA1

89d12bf8c4dfc06b7f95bc472377e8e66880afb8
SHA256

1a40b21119314e190d230ec43610d442b39cb686a1b81b686eadafc9b8da769d
SHA512

0f82827ea57c8f86cdc326257fa562c72d0ceca5c1f46668142742e6ab841f8feaea1c499bcaa61035393e0ec218a88074db21e63f01ef763c49021164f03ac7
SSDEEP

1536:K0Fl4y+pHwXEa61XMZCeEn7AxBRAZqVAKzALnjEErxTWDTMqhGKYIZTET8lStqt:Xl4xHwo8soECAKzALjBkMqhGKZTbT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
674759d9ee26dceb7885b82f54d09fa1_JaffaCakes118

Files

674759d9ee26dceb7885b82f54d09fa1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b02f4caf55bb14e4d074f95ccd317ea7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lwrite
SetConsoleTextAttribute
SetCurrentDirectoryW
Process32Next
CompareFileTime
GetCommConfig
IsDebuggerPresent
GetCompressedFileSizeW
FillConsoleOutputCharacterW
GetDiskFreeSpaceW
OpenProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE