dc7f05aef8b63e65e22591b8fb8cd4e6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc7f05aef8b63e65e22591b8fb8cd4e6_JaffaCakes118
Size

56KB
MD5

dc7f05aef8b63e65e22591b8fb8cd4e6
SHA1

579990eb5dd82bf09d72ef365f8b1dc39c84c3e8
SHA256

a99581077e4077b354afcfeb1b04f6b5cf5378ebe9592b1e9d58805a901fe9d0
SHA512

6be0c5e0b6af1d0ffc540797f566f700645c743eb44ea419af7f82cc5e2baedcb86adac1d6efe12b32db466a53b0c871b6e4a26495eb23c4cf0d518ed827c08d
SSDEEP

1536:548HN3HN3HN3HN3VCOLjTVsH8uCCAgqhAMJpnQZL0h90Z9QCssSRf6:y8t3t3t3t3Vbf7CAphAkxQN0h90ZnY6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc7f05aef8b63e65e22591b8fb8cd4e6_JaffaCakes118

Files

dc7f05aef8b63e65e22591b8fb8cd4e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b11e5d515fb10ee7f1c48fab618da078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstVolumeA
FlushViewOfFile
GetVolumeInformationW
ReadConsoleInputA
FindResourceW
GetNamedPipeHandleStateW
HeapCompact
WriteConsoleInputW
OpenFile
FindFirstFileExA
FillConsoleOutputCharacterW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE