aedc0ea811e1bdcd3aba414b50926687_JaffaCakes118 | Triage

Sharing

General

Target

aedc0ea811e1bdcd3aba414b50926687_JaffaCakes118
Size

55KB
MD5

aedc0ea811e1bdcd3aba414b50926687
SHA1

1f6d3d641bd3fc4300a768a1b819ff3118c90120
SHA256

f66f97a6a222818b86c177a5983356c8f6399d8ca0cab8e11da4496c7fe8c3ff
SHA512

0c9f92e283d0d5c4c1742658ea5481faa43d8c1a761bda410a3720e4df19a01f148ba9861ace3a389a954faa04f950ee1cbbf885e05f7cb5dce661278c7d3aeb
SSDEEP

1536:5aUjQahPBzbAFIdYWho3AkiLxlFnuxpEW:NPBz1dYojlxlFt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aedc0ea811e1bdcd3aba414b50926687_JaffaCakes118

Files

aedc0ea811e1bdcd3aba414b50926687_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f96b482955257d9ac8d15f0ba24e650

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenJobObjectA
SetConsoleActiveScreenBuffer
CreateFileA
GetOverlappedResult
InterlockedCompareExchange
SetConsoleInputExeNameW
CloseConsoleHandle
GetFileAttributesExW
ScrollConsoleScreenBufferA
GetConsoleCommandHistoryW
GetUserDefaultUILanguage
SetErrorMode
BuildCommDCBA
GetSystemDefaultLangID
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE