a5e394b4ee5e83911ec53541e01f0d99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5e394b4ee5e83911ec53541e01f0d99_JaffaCakes118
Size

83KB
MD5

a5e394b4ee5e83911ec53541e01f0d99
SHA1

a64a3343ad77eab010fe2277d511ef2d6a33c1c0
SHA256

8359b908ddf4c043da949000cb241b4df2de0bd946482b4f0927ed94997ff270
SHA512

cbb5175a9c9e32234c1b2dbc8565f729f290602099bd35353732d789514c4009f52f8250d52c1448053beb33dce580d8cb18e791ac2058937f75a88571577882
SSDEEP

1536:jOMKMpSDyQZiERlgrMjx2pu2jEErxTWDTMqhGKYIZTET8Syl1KY:oMuhiilg0xmTjBkMqhGKZTbfcY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5e394b4ee5e83911ec53541e01f0d99_JaffaCakes118

Files

a5e394b4ee5e83911ec53541e01f0d99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

635632621aecdafabd41efba50e0c4c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AttachConsole
GetSystemWindowsDirectoryA
GetSystemDefaultLangID
OpenMutexW
GetSystemWow64DirectoryW
SetProcessShutdownParameters
SetEnvironmentVariableW
GetConsoleAliasW
FindActCtxSectionStringW
MapViewOfFile

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE