6fb9348b03e38c03d288fa9979f6c37d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fb9348b03e38c03d288fa9979f6c37d_JaffaCakes118
Size

66KB
MD5

6fb9348b03e38c03d288fa9979f6c37d
SHA1

f39fb32e47b79d69f721e8f596ce1da656854259
SHA256

4045e0ebf8b8fd5d5ee1eb1682e2f87b3687679a6d178e523ed10203be3e1dd7
SHA512

805feadf39aa6512f55db9ce6921c1d5611b75b0dfc99cc1cf73f7ab2acd6b58700820fe86b5edb2bddf54ebcf335b9bc097089e7e292bb28f506ceaec55c869
SSDEEP

1536:CbbyQC4lglhFrCFG2+a/7z/rEGMrPOiG6cl/lAfzQZhZFTc:C/ycgbdCD+aXgGMaN6Wd+kfZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb9348b03e38c03d288fa9979f6c37d_JaffaCakes118

Files

6fb9348b03e38c03d288fa9979f6c37d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fdb4d84112cfc48546dbce74905a5be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetPrivateProfileIntA
SetVolumeLabelA
WriteTapemark
GetConsoleHardwareState
GetDateFormatA
SetFilePointer
GetCommProperties
FlushConsoleInputBuffer
GetGeoInfoW
GetWindowsDirectoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE