754c4f0e8d996397397f216aa30acf49_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

754c4f0e8d996397397f216aa30acf49_JaffaCakes118
Size

66KB
MD5

754c4f0e8d996397397f216aa30acf49
SHA1

9f0b820314cd8d3aabf7cec7c791ebb87f9e1ead
SHA256

bd9e42f1040954b1263c9c52c2f25de40a789f9286e4c7247a2a6d77d6f5a9a1
SHA512

ffa8cdb6663c95dc0e749af1ab910656fd35dfffb74b311f754d07afc4a3c5b91c6f7b0a9853af4fe8b315888fbfdffc0febaf3d54ac2f76ae16b65ee4b21ae8
SSDEEP

1536:+JxYB0ptO7TXAAxTYitifR4f8i43AcGxH4Lixf7/LPK6:+HYBIo7jAcYitifSESDh4Gf7/G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
754c4f0e8d996397397f216aa30acf49_JaffaCakes118

Files

754c4f0e8d996397397f216aa30acf49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea25e1ba6c640c20218ca47a3e2e5832

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetSystemTimeAdjustment
EnumResourceTypesW
SetConsoleTitleW
SetConsoleNlsMode
DeleteFileA
ReleaseActCtx
FlushViewOfFile
GetNumberOfConsoleInputEvents
ExitProcess
NlsConvertIntegerToString

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE