9430a88e6649c2833acaead776764f24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9430a88e6649c2833acaead776764f24_JaffaCakes118
Size

83KB
MD5

9430a88e6649c2833acaead776764f24
SHA1

c5c9799f08d277be471f01844170c36623d55420
SHA256

d5f0be480d23711060744ee16aec504f859bc88f567870e63baaaf8b770ce1ec
SHA512

9164aedb9e5982f982f1602c6363c33eb1c098e30627f8fc029afe412f689c3898eac8c7d88c972d870e6b7203c3bd60e6bb01ef5a6ff3b9aed4c189997c7ddf
SSDEEP

1536:UI2giYJyvXPPkZdEM2yEzn6e8bh6vpL6l2pjVrs2ryrd1vUQuqwcizSkX:UXbvXPPam1x8QhhHs2quciu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9430a88e6649c2833acaead776764f24_JaffaCakes118

Files

9430a88e6649c2833acaead776764f24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d7d4da9547b9099e5f35d3640d0f370

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ActivateActCtx
InitializeCriticalSection
SetConsolePalette
ReadConsoleOutputCharacterW
TlsFree
GetStringTypeA
DnsHostnameToComputerNameA
SetupComm
CreateFileMappingA
IsProcessorFeaturePresent

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE