a863e17e5533a731e89e8c6c3a755b26_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a863e17e5533a731e89e8c6c3a755b26_JaffaCakes118
Size

111KB
MD5

a863e17e5533a731e89e8c6c3a755b26
SHA1

97e29775012c0375aceb95694eca3de63e784bf1
SHA256

c29298f336060f0aae5b18214181300653d4084ff902f9ca30478f1f745e0241
SHA512

bceee6dbe9a1707e99ffee58ded2426a18b6de817e319d4ffd38da097222b5e100bc2204a0519a6016b80fa0569c9211d049c0dc3d49e8b7146efa9cf7a3b390
SSDEEP

3072:VpZT+Y1HC1e/zyx3wyLJ4P7Cc9tqzzTU0WAf:VHC1e/OgyLijC2tqzzYzAf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a863e17e5533a731e89e8c6c3a755b26_JaffaCakes118

Files

a863e17e5533a731e89e8c6c3a755b26_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21ac7887d8cc8ce41aaaa52d9e939ce7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE