c7ad16382f088201a92205a779111df5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7ad16382f088201a92205a779111df5_JaffaCakes118
Size

81KB
MD5

c7ad16382f088201a92205a779111df5
SHA1

da30cc65f7e592214ea143bc4758b0a7537658f0
SHA256

d5410c0e966992bef4fd2c95aabce90c942550230dbc62e1407b8fbba4ddeb76
SHA512

4ef943605f0a2b31ba3f5b8628ab5427ef7847780e5c90c9e9ef50012fc081e1f8db37580c15b8e519d6d849ac4be3c553bdfb1b0fc6b3d962e59be68ec8b17b
SSDEEP

1536:Z3PiffNcbGVeMv8Rysy+Pk8AyX42scI9FH+fqSkhs3v+1TgbJ:Zfi3NL78RdBAB2IH+0y/2m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ad16382f088201a92205a779111df5_JaffaCakes118

Files

c7ad16382f088201a92205a779111df5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af8bbd0bb63d711ec662564a312a9c2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
WriteConsoleOutputAttribute
VirtualProtect
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

user32

GetUpdateRect
GetTopWindow

Exports

Exports

SetUyeilrcn
ReadXmeclowve
Twajwske

Sections

.text
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 800B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 67KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrd
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ