83fca172505d6478feabf158110e546b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83fca172505d6478feabf158110e546b_JaffaCakes118
Size

81KB
MD5

83fca172505d6478feabf158110e546b
SHA1

b3f9b5d724c8acee6fda76c114bc2e1b74497347
SHA256

bb1e20909b1c5678417aaa8fd1a9f51988a87934a03162c11a954a02fb9d38ab
SHA512

0753c80a03138ffc51f665e0c93726c76ec38249ab40588f80d1285b2caa5326de263ceaa31ff21bb5bc9812e8a72bdf7fc76cbab86621a98b1b0d12ea6011a2
SSDEEP

1536:wQQzFv0xR9esLZuiISlFktu6W+EzO2jv0X+7UiUOTw75CJqFAo4mdZ6m:HI+msLZLISlN6khvU+4G09CJqFAo44ZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83fca172505d6478feabf158110e546b_JaffaCakes118

Files

83fca172505d6478feabf158110e546b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

93c6c73136d3be79741b2f03534dc28f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
SetPriorityClass
VirtualProtectEx
SetLastError
GetStartupInfoA
GetModuleFileNameA

user32

BeginPaint
GetUserObjectInformationA

Exports

Exports

Hkpxnqsttpw
Xqhlyar

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: 544B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 67KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ