85d3cee9a23bad04893b8e3778d45662_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85d3cee9a23bad04893b8e3778d45662_JaffaCakes118
Size

83KB
MD5

85d3cee9a23bad04893b8e3778d45662
SHA1

c922b41a576b24c6d5c6dac830b51122fc5ad31e
SHA256

e3bf92870a4110afe02eb2c4e4958f41b5846e63f889d3498f2b356ebae836bc
SHA512

d13947fc784dadbaaa05911000a18eca6d64dcf45366335cba2379664b1b0107763ff0b8b7ee4ce0c8a4db843b851d11ef522fad53a124f55c9264e555cde039
SSDEEP

1536:EjjGxTxPJmxfOXGgA/4UOvutRRY4h/RbCeLXAh2ZjEErxTWDTMqhGKYIZTET8bDQ:ejeTx4xG4QUOv6YACeLXNZjBkMqhGKZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d3cee9a23bad04893b8e3778d45662_JaffaCakes118

Files

85d3cee9a23bad04893b8e3778d45662_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5d4df0c64874c260a64cc72bb89ee14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
LocalUnlock
SystemTimeToFileTime
GetNextVDMCommand
GetNlsSectionName
SetDllDirectoryA
CheckRemoteDebuggerPresent
SetConsoleDisplayMode
SetVolumeLabelW
GetCommTimeouts
HeapDestroy

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE