e099402472366b051ba0be1e2c7444ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e099402472366b051ba0be1e2c7444ac_JaffaCakes118
Size

63KB
MD5

e099402472366b051ba0be1e2c7444ac
SHA1

742f93ea57cb868ca05283fcbcbaefb77d8251e1
SHA256

bbaed80a167f740f4af11f7081c8186edc7550018fe5235dd69a3ee8345716dc
SHA512

d5a6da1da7197e94d36df297cc6d616f764f089b792f3803deb7c247a21266bed8e1eba0ee2ce2234f611bb0068b9c949e6e7c132468de94ca35140df3f141fa
SSDEEP

1536:s0OeNwI2yMS3lzeEBlzqGpNzno0IW0iHiekB:s0ObI7MeaEBlzqGvndF0iCeG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e099402472366b051ba0be1e2c7444ac_JaffaCakes118

Files

e099402472366b051ba0be1e2c7444ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3344b769599900860dbb393c135e2f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
WritePrivateProfileStructW
lstrcpynW
GetThreadTimes
GetCommandLineW
GetLogicalDriveStringsW
GetEnvironmentStringsA
WaitForSingleObject
GetFileAttributesW
WaitForDebugEvent
OpenProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE