742180450dbb3760a3bce2bb7a6a6544_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

742180450dbb3760a3bce2bb7a6a6544_JaffaCakes118
Size

63KB
MD5

742180450dbb3760a3bce2bb7a6a6544
SHA1

48eec4e2b93d127da2323aa2672b9d632731683b
SHA256

a73fb227a65ec9922b5e42912a83929cae750fe74fda5a09a594803945b2b2a3
SHA512

a515e1623f8e77d8b5f6c8f705fcf90f9ad7513c583fdf0e21c26c8caaae82f33e54d59fcee8f5fa59dc68da782904803e67827723812ed4e1ea460e4f282d82
SSDEEP

1536:GRalJRiPFkZR2Lx8ILfs8wAWGtXQk8YKRoWCar3x5hiFu:GPF0Tas39GhQusoBOB5hIu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
742180450dbb3760a3bce2bb7a6a6544_JaffaCakes118

Files

742180450dbb3760a3bce2bb7a6a6544_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46cbd8297f64af8f80cd330f2716cde2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
DeleteFiber
_lopen
CompareStringA
BackupWrite
FindNextVolumeW
SetConsoleScreenBufferSize
LocalShrink
GetPrivateProfileSectionNamesW
OpenFileMappingW
GetDiskFreeSpaceExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE