ab441570c0dd1402bd593ebeb13f7570_JaffaCakes118 | Triage

Sharing

General

Target

ab441570c0dd1402bd593ebeb13f7570_JaffaCakes118
Size

63KB
MD5

ab441570c0dd1402bd593ebeb13f7570
SHA1

8f463f2fac66b9ae01afa6b4ce35c2a677e04912
SHA256

1c09dff637d3fba84479f955db8af03adfb31cc699247d3c96a35a55fda249bd
SHA512

954b18f4e5b217336cf124bffc174d32b0125e2e0690ef7e410782e4d6702e77e36341e8e1f475ef004ba9db2719f354390bea8e94900782eb9a1948d749e527
SSDEEP

1536:/zRWgG8ZyRlwjigPbNwRMhQ0CEbwsF8BAhN4m:/zRWgVClCRbNkMSEL8BAhNb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab441570c0dd1402bd593ebeb13f7570_JaffaCakes118

Files

ab441570c0dd1402bd593ebeb13f7570_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30beaf7e04c14a8f80c55f68d0da1bbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LZClose
DuplicateHandle
SetConsoleTitleA
GetLongPathNameW
DeleteCriticalSection
GetConsoleAliasExesLengthW
RemoveDirectoryW
SetFileShortNameA
ReadConsoleOutputW
PrivCopyFileExW
GetCommProperties

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE