ea3db546e86c04baf5f617e048620711_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea3db546e86c04baf5f617e048620711_JaffaCakes118
Size

83KB
MD5

ea3db546e86c04baf5f617e048620711
SHA1

b5251092d65f0b2506db9cb07c63d7543d78d49a
SHA256

6f7818249f7caf16ec7d9fa549accb531f60f6fda5d044908151ce8491b41f6d
SHA512

eadc7508f4817342e932fcaf609a4c116fd40bc0c5013f27bcccca2e46c6b67e066472f8c233f047c6ad1476342c71461bc958fb73c467dbbc6e726f7fc98da0
SSDEEP

1536:gHDVR1wf4KcEhCn+4UA5XZM06WRVKMZS7l9jEErxTWDTMqhGKYIZTET8bDQ:gjx4NcENXAzM0r2jBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea3db546e86c04baf5f617e048620711_JaffaCakes118

Files

ea3db546e86c04baf5f617e048620711_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd7839ad99798ac3edb767afe8b38fcd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
EnumSystemLocalesW
AddVectoredExceptionHandler
GetPrivateProfileIntA
AddLocalAlternateComputerNameA
WriteConsoleInputW
CreateMutexA
SetVolumeLabelA
AssignProcessToJobObject
EnumResourceNamesW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE