75d97a20343ce24ef058e7e5490900ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75d97a20343ce24ef058e7e5490900ba_JaffaCakes118
Size

65KB
MD5

75d97a20343ce24ef058e7e5490900ba
SHA1

3e1e76c7e68d1849941697c417b0eca9a5abb2c1
SHA256

ab4c3b2a34fc6c65f77e21588b5d924ab35057ca0d3036beb6935a18e2a432ce
SHA512

b7d4ed1e9b197db5801f74ddf4b46dc2c1d6ce77ded519748906ce7a8e42be993c092cc3f4eb1f7d27050db6ecdeb9803f5756ced7a30b8a761351805571019d
SSDEEP

768:nvUTQJRmfuF09PhG4bDg4/Y69przOwotM+ol8Wi3X8KCdA0GX1aU1ABzgEzGWbxU:n07vP9s4DXX/+oli3X8HGIU1A13rbO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75d97a20343ce24ef058e7e5490900ba_JaffaCakes118

Files

75d97a20343ce24ef058e7e5490900ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dbb2e27a19ac635a949f0fd6b5d547f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
FindNextFileA
BindIoCompletionCallback
GetProfileStringA
GetProfileStringA
GlobalAddAtomW
SetConsoleNumberOfCommandsW
SetProcessShutdownParameters
DuplicateHandle
SetVolumeLabelA
GetOEMCP
SetConsoleKeyShortcuts
GetVDMCurrentDirectories
SetConsoleTitleW
GetCurrentProcess
CreateNamedPipeA
SetConsoleCP
Process32First
PrivMoveFileIdentityW
CloseConsoleHandle
GetEnvironmentStrings
GlobalFlags
SetVDMCurrentDirectories
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

Yulahso

Sections

.code
Size: 4KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ