d73cc219f9a06bfd9700b73041c78aba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d73cc219f9a06bfd9700b73041c78aba_JaffaCakes118
Size

68KB
MD5

d73cc219f9a06bfd9700b73041c78aba
SHA1

6e467bf6aba4415c5787a51d558d7997d53ea58e
SHA256

55fe150479da683d107a9b1bf68b35e6ad8b17f50002717aeb1e4730e79d3d0b
SHA512

eb2a9fa3b077dc45fdc40a7f72b9ec3d79f5d4d3fcf9ad6f4d2e7ccbb0550e1e87b082cca8bf022b49f052c722cec86df5405fa087d6f846036572eec2700a00
SSDEEP

768:3AGMy/O3yq/XV/ZIHKz5X2BqxwHNb/aLvP3AchBuYiDqYMdRPCHxmTxy63xOw8Xf:IiaZlxwt2Lv4suYZwRu34b8HjY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d73cc219f9a06bfd9700b73041c78aba_JaffaCakes118

Files

d73cc219f9a06bfd9700b73041c78aba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4bb80fd7c4420f36dbff434ead96a58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
GetCommandLineA
GetCommMask
VirtualProtectEx
ExitProcess

shell32

StrChrA
StrChrA

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata0
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tcode
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ