685698599efd0c73399007e5354e725a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

685698599efd0c73399007e5354e725a_JaffaCakes118
Size

76KB
MD5

685698599efd0c73399007e5354e725a
SHA1

bb37c4f8ca5475baa3b72092de8a5bf066756ff4
SHA256

9224f20df1cdedba00f154004fd723e5222ac892b4e392145dfe30189197a368
SHA512

3187e87320b5052c0ccb4befef644847ec2b01d668e1c6b83c9c0e1e2018377b7bf0a85d2b52bec3c8acca157f59aa6f629cf45ac3a1660afcec0ec083605da7
SSDEEP

1536:rZEYOAay2Aa8JD82QiBYbr+RLSpXjEErxTWDTMqhGKYIZTET8x:rZE77bwjQiBur+0BjBkMqhGKZTbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
685698599efd0c73399007e5354e725a_JaffaCakes118

Files

685698599efd0c73399007e5354e725a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3aac5be97ef6af9e3c6b002308c46c0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentConsoleFont
ReadConsoleInputW
ResetWriteWatch
GetProfileStringW
GetAtomNameA
OpenWaitableTimerW
BuildCommDCBAndTimeoutsA
NumaVirtualQueryNode
GetModuleHandleExW
DelayLoadFailureHook

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE