b33d2ce02eb2400f132c65cfcfa26d83_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b33d2ce02eb2400f132c65cfcfa26d83_JaffaCakes118
Size

56KB
MD5

b33d2ce02eb2400f132c65cfcfa26d83
SHA1

b627eed4f1b49ce72e9f30b7ab1fd8c8da4e0c8f
SHA256

aa5cd31ab12d82c577d72a585fd8045e86750a5ea784ba38d508c097c98b3aca
SHA512

3b5e74d64cceb0a96470e42d2cc80b06c9b273cb0db8559c2e4dbace6eb73a78e02d7e4ce80e8b74930f2bb175d1a3d2c545450af8ddf7901e82bdc1629024db
SSDEEP

768:l1GM+tC8f0kjA79j6qT2Y5YSN0Lc0hAxjHC00rFsvE6IqMJnX8y0i6fBJcGhcR+v:bGdljmDV8BX+LPbnFKoOtr3w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b33d2ce02eb2400f132c65cfcfa26d83_JaffaCakes118

Files

b33d2ce02eb2400f132c65cfcfa26d83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7696d1302f311e8c51fec4d2ccbabb18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDefaultSortkeySize
GetThreadIOPendingFlag
GetCurrentDirectoryW
IsValidUILanguage
SetConsoleCursorPosition
CreateThread
VirtualProtect
GetNextVDMCommand
GetDefaultCommConfigA
GetProcessHeaps

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE