da21d7ba8332ecc835def15c30e6b532_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da21d7ba8332ecc835def15c30e6b532_JaffaCakes118
Size

76KB
MD5

da21d7ba8332ecc835def15c30e6b532
SHA1

08813ceeb747d9729219f959f3a00f12bae53120
SHA256

6d8ec205c8fedc68111f57d65196d28621cd4a7baff4e4d7c3cc59f78d9988ef
SHA512

392636b54aad89c722282737adc6a85f6f209a833454fad3f8d5c404e9ed7e3b21406deff15ec3eb44a7372ca2c3235edd46e4d709f22f81e246a0e836cb6e55
SSDEEP

1536:p+Nmz4/d7ZCDJ4Kq9vK8sxtco4MdpjVrs2ryrd1vUQuq6:pfEKT+C8OitMdHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da21d7ba8332ecc835def15c30e6b532_JaffaCakes118

Files

da21d7ba8332ecc835def15c30e6b532_JaffaCakes118
.exe windows:4 windows x86 arch:x86

409a367761bd362c0180872305876b94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnregisterWaitEx
GetConsoleAliasesLengthW
Process32First
AttachConsole
RegisterConsoleIME
SetLocalPrimaryComputerNameW
GetCompressedFileSizeW
TlsGetValue
ExtendVirtualBuffer
AssignProcessToJobObject

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE