ba78db99c36f8e6454c0a7ab09aae5e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba78db99c36f8e6454c0a7ab09aae5e6_JaffaCakes118
Size

86KB
MD5

ba78db99c36f8e6454c0a7ab09aae5e6
SHA1

b009713bf7cf09f3de5c4e79a04c6463c1fc7b75
SHA256

bcc4701343d4cb966293b67c03e1a310a04801a72705b17614ee2194f6ba8ce8
SHA512

0bf3e879f0a6747bbed5f4ebf51a97e9716d995cf42ec9ee0c100a7c27912d729bef1dbe2657285da4d8ed07e73ca93bc9ca2427fe329a5b104e0be694cf29c7
SSDEEP

1536:sEVnzFf1ywCaD2TrIhrcXVxwPt/AOrlSsSirCpmBVkPJ2fTYU0t0l5snR+7WGDFT:sEz5CaD2TuWVst/PcsCpmBBx0t+Ss7W2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba78db99c36f8e6454c0a7ab09aae5e6_JaffaCakes118

Files

ba78db99c36f8e6454c0a7ab09aae5e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8313e5a72f1ec7f14bc1583b7b553a61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadContext
InitializeCriticalSection
GetVersionExW
TryEnterCriticalSection
LocalCompact
CreateActCtxA
GetCurrentDirectoryW
LocalUnlock
SetStdHandle
SetSystemPowerState
AllocConsole

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ice
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE