b5ce33ecde6f92677316187110305426_JaffaCakes118 | Triage

Sharing

General

Target

b5ce33ecde6f92677316187110305426_JaffaCakes118
Size

145KB
MD5

b5ce33ecde6f92677316187110305426
SHA1

b8fba23707325da4a4ad6c8a218e7624498daed6
SHA256

b75e3c2783a23a8b4ed8d328699261bebec359f47fe1bbed5c9756604b190f18
SHA512

3090303f001b88b0be9a07f273b82de92160f5e3e99595d3715f4fcab3b7ad710d7faba71fbd63223ab32b19b07c739a3d6b921cc81c20da4ed06aa602c58d66
SSDEEP

3072:9DlLtYv9q0KbWPDRs8TU66LpJS3BqhuzxCUiKByDPTRE/2rDVBS:9PYVq3bWPDR666tMqh4oH6qDVBS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5ce33ecde6f92677316187110305426_JaffaCakes118

Files

b5ce33ecde6f92677316187110305426_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6dc11b836ae6f4d2ead2511ee2e7e11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32FirstW
GetCPInfo
GetFileSize
GetShortPathNameW
GetPriorityClass
SwitchToFiber
GetFirmwareEnvironmentVariableW
RegisterConsoleIME
GetNextVDMCommand
GetProcAddress
CreateActCtxW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 157KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE