b8ea9d2df617c9e077ede34ecec7978b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8ea9d2df617c9e077ede34ecec7978b_JaffaCakes118
Size

83KB
MD5

b8ea9d2df617c9e077ede34ecec7978b
SHA1

694840d10fa6dea77b1ef64b73a4335d9330fc06
SHA256

2d0541296853e5811be69102d377fe50b405f763118572cdb9e6a460205ca988
SHA512

9d632b5453dae6616173c9b64143a68b6eeaecc37187f46661d20a770062ba03e7d37654a789b60ed258ced15cf35f5fb07aa265bfe66e63bec63ff2ef4a89c0
SSDEEP

1536:XC0i//HY8crXCHYeLm/ln1ZQYVHx0pljEErxTWDTMqhGKYIZTET8bDQ:2/PbcrXCO/p1PVHOnjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8ea9d2df617c9e077ede34ecec7978b_JaffaCakes118

Files

b8ea9d2df617c9e077ede34ecec7978b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11749cf31c68566822353f5a1a7b528d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseCheckAppcompatCache
ExpandEnvironmentStringsW
ExpungeConsoleCommandHistoryW
GetSystemInfo
SetConsoleCursorPosition
GetStringTypeExA
SetConsoleTitleW
QueryDepthSList
GetConsoleCommandHistoryA
lstrcpy

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE