8c10e651caf4bf38a228243162e4278c_JaffaCakes118 | Triage

Sharing

General

Target

8c10e651caf4bf38a228243162e4278c_JaffaCakes118
Size

79KB
MD5

8c10e651caf4bf38a228243162e4278c
SHA1

7f2a320d60e193e855a13bb7c7b4fedb2d8db2c6
SHA256

1473de8bc165cf960437c8aaf594666abfa4ad247049fe02942d4444b7d501af
SHA512

df12a656909ce3b41fe6e9eb0475641a8b23e71cd71c1eb6c12685c2995455c3a713f62b88f1651454463813541f2f269c3107a95c4c49ea1d944f5d3b6774ed
SSDEEP

1536:Msv5IgnmGkbQqmu8xcdz2LcQgoHfQ56VNWTUX6JXR10ILqg8xi3JGk5wW:3WsGhpi/5VNWTRJBvLq/A50W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c10e651caf4bf38a228243162e4278c_JaffaCakes118

Files

8c10e651caf4bf38a228243162e4278c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b68b8e710417ef3460cdb819bee7cf2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ReadFile
ReadConsoleOutputCharacterW
VirtualProtectEx
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

UpdateWindow
SetWindowTextW

Exports

Exports

AddMjwwseagbr
Fstxuyqsnv
Pgmqyqach

Sections

.text
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 66KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ