e03621692c56f3bc068bb48cd6cba93a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e03621692c56f3bc068bb48cd6cba93a_JaffaCakes118
Size

63KB
MD5

e03621692c56f3bc068bb48cd6cba93a
SHA1

5db706345e685af4653d94d7ffbf469d2acfe0fb
SHA256

c37f7ddf0be11dda7684f414a970a554aabce9f759dbfe08e7601e91de700cfa
SHA512

292d6e6def0e9ac69086c9d87b70b3bd365bfaee1a00bc0590e5f841b5c4ca8e85dc5016dc5937e5579a11b116789df0ae607b1b8f0625bb8cea9b46d1403d42
SSDEEP

1536:jE1kP7k9rOMuMURLNMKj6ePcBe8mRq3YhSKpCFoq3ZFhIn:jE1DhPUhj6e3oo3wFjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e03621692c56f3bc068bb48cd6cba93a_JaffaCakes118

Files

e03621692c56f3bc068bb48cd6cba93a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93708ed0bf83398b636ec0d320ac9506

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToThread
LZSeek
SetConsoleNumberOfCommandsW
FindFirstFileW
LoadLibraryExA
CreateHardLinkW
InterlockedIncrement
BaseCleanupAppcompatCacheSupport
GetProcessPriorityBoost
SetComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE