94e456852a07a79eb6c1ba46dd298cb2_JaffaCakes118 | Triage

Sharing

General

Target

94e456852a07a79eb6c1ba46dd298cb2_JaffaCakes118
Size

94KB
MD5

94e456852a07a79eb6c1ba46dd298cb2
SHA1

8a7d7ad63697a5618a40ab584a6e7979742e0671
SHA256

630e5b2a37ff784ed7f0204a1c0fa7b5bb92ec42ae50f7463f47c640e01af95a
SHA512

07ae2fabd808800d13a1c48189a7defe4ce07c5638441fe68926250d097984db16dbf626c4ece3d5ecd8b89f4c65e99e9cf4361346502a763e7cbe3547502ea1
SSDEEP

1536:ntQBPfcRts8E3QjCYddeS1bCxt7pj5gn9PWgc8YaEJwZK4/83ZoMOALF6SSf:GZfK9jCU4QbCvltgnNLhZEXtpxLF6H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94e456852a07a79eb6c1ba46dd298cb2_JaffaCakes118

Files

94e456852a07a79eb6c1ba46dd298cb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5738a4a86b055efc769b9ad58a795246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByteEx
InitializeSListHead
SetConsoleTitleW
ReadConsoleOutputA
DuplicateHandle
FindFirstVolumeMountPointA
GetNumberFormatA
GetWindowsDirectoryW
RequestWakeupLatency
NlsResetProcessLocale

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE