ac89936688c3f9da9700c788790789f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac89936688c3f9da9700c788790789f9_JaffaCakes118
Size

94KB
MD5

ac89936688c3f9da9700c788790789f9
SHA1

442f30a7ac0fbea9c8d2288dfe3298b7d1c546f6
SHA256

f93d1de4dec81a4d09e4766d5d1dda41afa3b9e51c5bbac237f1d7be768ffb1d
SHA512

e92d0ac58ca8052b31e31c700305f0153816335bc7a3760c8505c3244bf017b50b28fd59e61ac5e4f7c3dcce93522d8258f56ddaf5d73c5712972b055102ddf0
SSDEEP

1536:qtzov+uNjQVZfo1kNqeltDI967xPqom9RHjo/k0qnUSiVvc8YaEJwZK4/83ZoMOr:YEvuZw2Nqe/661P2RHzLnqvhZEXtpxLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac89936688c3f9da9700c788790789f9_JaffaCakes118

Files

ac89936688c3f9da9700c788790789f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afa58b46790784450d7dce3df606e355

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameA
GetCommProperties
DebugBreakProcess
Process32FirstW
GetCurrentConsoleFont
SetLocaleInfoA
CopyFileExA
RtlCaptureStackBackTrace
GetProfileIntW
WaitForMultipleObjects
SetStdHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE