d282459f62e3bc4f3ab78fceee5ffe8e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d282459f62e3bc4f3ab78fceee5ffe8e_JaffaCakes118
Size

56KB
MD5

d282459f62e3bc4f3ab78fceee5ffe8e
SHA1

3161775c85bacf6656068c74d3592ad0ccc60e06
SHA256

776d9a9d090c3e60805078afe703fa05cc9e5edbce233171b1e092a025722dc8
SHA512

e579ecee3e62714aefac14488617f6416e4c70381fbba76d2b807d9fed4e1fadcd50c664786ab52ac0c4e1957b332fcc8724fda5ca92a81d9a2df0144dc624bb
SSDEEP

1536:cb//AWRIC3gbJvZ+cPEunGiyKmiCVjtO5DDUhE7Y:cb//FIC3gbp8JuhygCttX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d282459f62e3bc4f3ab78fceee5ffe8e_JaffaCakes118

Files

d282459f62e3bc4f3ab78fceee5ffe8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5db10c63a73ce8e13bab32da70aa9fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
IsBadCodePtr
GetStringTypeA
VirtualAlloc
GetConsoleAliasesA
EraseTape
_lread
GetHandleInformation
FreeConsole
GetLocalTime
SetMessageWaitingIndicator
GetStdHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE