d50d2f8b6f8b654754aa59994ee6b4dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d50d2f8b6f8b654754aa59994ee6b4dd_JaffaCakes118
Size

42KB
MD5

d50d2f8b6f8b654754aa59994ee6b4dd
SHA1

4d5922c96c1acd7b5888af674ae1b48f352785b7
SHA256

a058fb4caca17e164b4b98616e5cf0d1187d6a461ce345fce80c3d1143fd02f3
SHA512

4305963fb20133ae1bd58a5ae0bd86c9e9ff1f722f3294c63b6a83d1d9c63c12964c04c69434bf8d0d00aba42f64deb25fbd60a6c5e4bb3ac790b7da0ef08190
SSDEEP

768:3NvkqjGu6wMP7dJ4NcWiFDwQ4Ty17QbM43OpXpKG5HPhJBGrkHeJBNjK7N63x:9sFu6wMP734NmB1WD443WZb5HPXBQ7Jt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d50d2f8b6f8b654754aa59994ee6b4dd_JaffaCakes118

Files

d50d2f8b6f8b654754aa59994ee6b4dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d30c4ffceca72583b355dc473bd2cf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNextVDMCommand
GetDriveTypeA
GetStdHandle
GetSystemInfo
GetVersion
GlobalAlloc

msvcrt

_tell
exp
_tzset
_umask
_spawnl
_stat64

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE