a693bc0157d0dfb59d8893831122ecb8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a693bc0157d0dfb59d8893831122ecb8_JaffaCakes118
Size

67KB
MD5

a693bc0157d0dfb59d8893831122ecb8
SHA1

cccedb2eb7b59eac436bc47793362d18d14d71c1
SHA256

c8af2b072c6938fcefe5f255d17164534515935bbf1a0235325c2ef65113dd51
SHA512

d1a6b9f6e386d5e6412beef4cfcb4bd4f0790647c9af077e5ecd14c7b7d82fc4733b2c37564d357ec7de0ff33fd39f660ce7c130f4f7a1e1360a8d6445d851db
SSDEEP

1536:qud2WJoIRbNaMRk7pne2rpHQfrDoOcSx0K:x2Wm+hidnVkrUOcSx0K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a693bc0157d0dfb59d8893831122ecb8_JaffaCakes118

Files

a693bc0157d0dfb59d8893831122ecb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0ffc38402d64273483a49ebba409ce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleDisplayMode
GetProcessId
CreateProcessInternalWSecure
SetCalendarInfoW
GetLogicalDrives
OpenFileMappingW
GetCompressedFileSizeW
DeleteCriticalSection
LoadResource
FatalAppExitW
UTRegister

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE