a3bda0db0c776a0e94e4d773808fd9a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3bda0db0c776a0e94e4d773808fd9a9_JaffaCakes118
Size

59KB
MD5

a3bda0db0c776a0e94e4d773808fd9a9
SHA1

9868001c6c5f5915ff91cbce7389af841b1367fd
SHA256

ee46b18f5c72d6ff3a3b197d71c8a8223e1f038f5dab069838e8ab195ddd463b
SHA512

d30c90948fdb375425267ec5e9fffd4036b13b2e7532c6b7a9a80496c2d93235432f3edffc78b92d66d6ea3fd9e07e4795fbf22873c24473cec68c01243944fd
SSDEEP

1536:b5KT/wlEZyCV0b0kAOIjT3IcE8TkQJw8SFg0VZ83h:VKeYiqn7E8TvqHnKh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3bda0db0c776a0e94e4d773808fd9a9_JaffaCakes118

Files

a3bda0db0c776a0e94e4d773808fd9a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eeb50d795be76425cf347abcd5d95a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputA
GetUserGeoID
GetTapePosition
FlushConsoleInputBuffer
CreateMutexW
_lclose
WriteConsoleOutputA
_lread
NlsResetProcessLocale
ExpandEnvironmentStringsA
RemoveDirectoryW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE