da51b9f6a81ed4f6ffc70ec0e036a1f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da51b9f6a81ed4f6ffc70ec0e036a1f4_JaffaCakes118
Size

31KB
MD5

da51b9f6a81ed4f6ffc70ec0e036a1f4
SHA1

0f630c9d0e2b93cd0c127f20d133973ab53349e6
SHA256

ff53065dbc398cf03648fb6e75182c4d2d7977b9986d710a61c8dc256fbac325
SHA512

1ca47d08812a8760de056e37f4a2c34bc28a1c50535ca54ca245945ed7922c1f8cbe7dd6bf706327c2c5c419a8da2671c860ceab360b74ad6d4de7a5a214017c
SSDEEP

384:dlL2poX2LnwoiXYPzgWzwXvlanmViTVwa22GX0wAJqyPRQF+7hLuGLXCeG0shKfy:zYoXmwo78C4vlvVieArRJgF+NeeAKvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da51b9f6a81ed4f6ffc70ec0e036a1f4_JaffaCakes118

Files

da51b9f6a81ed4f6ffc70ec0e036a1f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0003c89e52693305ff3b9a5e5b425ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConsoleMenuControl
WriteFileEx
RegisterWowExec
GlobalAddAtomW
SetConsoleCursorMode
GetConsoleCharType
GetNumberFormatA
RtlMoveMemory
SwitchToThread
ExitProcess
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.code
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ