d6a0af47d8db23083de79944a1c6d5d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6a0af47d8db23083de79944a1c6d5d4_JaffaCakes118
Size

27KB
MD5

d6a0af47d8db23083de79944a1c6d5d4
SHA1

a89ec6bf70eebcbfc0ac15e799624bb93249fea3
SHA256

19bb858038902b917a67b47d93f8c7e4f8f2e5cdf325d79b0cea889f5136b009
SHA512

0391b75f78362af207e257cad7d86cb046962839b77d6585c8cc9311b09e172f93240ce0783e6f7e7f8c79b532cae6afeb07f2a3b56dab5622655e87d5d60d02
SSDEEP

768:tljDCK4KxptFAd4+VHamqUCPvQ6lGOVV9D70OKLauj0OBPDZWSCuatb0BIisl:HDCpVxw9XKjtCuatmI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6a0af47d8db23083de79944a1c6d5d4_JaffaCakes118

Files

d6a0af47d8db23083de79944a1c6d5d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab882daeea341762a732856c9b3ba86a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
SetEnvironmentVariableW
BackupSeek
ReadConsoleOutputCharacterA
HeapWalk
DefineDosDeviceW
SetMessageWaitingIndicator
SetConsoleDisplayMode
GetAtomNameA
RtlUnwind
SetFilePointer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE