76362b3018d187da45ad9d7349016852_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76362b3018d187da45ad9d7349016852_JaffaCakes118
Size

66KB
MD5

76362b3018d187da45ad9d7349016852
SHA1

2fb1f1d187c88d640bc1ea3cf7290ff3953d0bc4
SHA256

d0a4556d29904ba52e3b6d0ad0be068442f40d1362b3716fdf42c2fbf238572d
SHA512

30e46e49be7d4d48637b374a89422dc65447840747036c85152d94f5617c5edeb16a7f13d28063b380fc3d4ceafe1288097730ec0dc15cf6397cfe470bafe83b
SSDEEP

1536:fs/wkpv+CszpKn0UC4KZ6OH36foCnEE3W/BOuVuiLS7v4:fs/Rp2CszpKFC4W6OXstE6W/BOuVunA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76362b3018d187da45ad9d7349016852_JaffaCakes118

Files

76362b3018d187da45ad9d7349016852_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baad480676f5d807ba5e7df745471817

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasesA
WTSGetActiveConsoleSessionId
OpenEventW
GetPrivateProfileStructW
OpenProcess
GetVersionExW
LCMapStringW
OpenProcess
SetFileAttributesA
GetConsoleAliasesLengthA
lstrlenA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE