9760f6c498fa006a40c1ffd117d6bf48_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9760f6c498fa006a40c1ffd117d6bf48_JaffaCakes118
Size

76KB
MD5

9760f6c498fa006a40c1ffd117d6bf48
SHA1

93d79f0de8927c51d3d5a6f8bc8d8d58c763b488
SHA256

94b172c965ae0379ad98008214423a3d896e4564c6fbe02a4d098d41368a4215
SHA512

c02b499523ac923f7096de2fd8e61d89b0cfaf899280fc01df69b0035eb1fe9a14c40a4271ee27b407da30022f0b78284b737117a2b64683d9907e4f52436fe4
SSDEEP

1536:+YuwIP6871Qk0bjvm/QYeZkgKNjEErxTWDTMqhGKYIZTET8x:7uvy61QN/voeZCNjBkMqhGKZTbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9760f6c498fa006a40c1ffd117d6bf48_JaffaCakes118

Files

9760f6c498fa006a40c1ffd117d6bf48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c9c93fe5869f31b06735784296e120a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryTypeW
GetModuleHandleExW
AllocConsole
WritePrivateProfileStringA
UnmapViewOfFile
IsProcessInJob
GlobalMemoryStatus
SetConsoleTextAttribute
SetFileShortNameW
LZSeek
QueryDosDeviceW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE