f523ce38da98bc558fe427d0e2ebe3a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f523ce38da98bc558fe427d0e2ebe3a5_JaffaCakes118
Size

35KB
MD5

f523ce38da98bc558fe427d0e2ebe3a5
SHA1

a4c174fd0f71d73618425a7ad0afa268f8956de6
SHA256

3fdac4e59648d27eead1970102d7d9c4f64e6420827678f82526bfdd0e843841
SHA512

e524aac42afc5c229e22e1d40365f51659d7c7f1c41a34c5c8e79ce960cd7ef01c64586e301ad74e9ae406f2633bd366f1d6cf6b7a8607eb902c5c5abb22fcbd
SSDEEP

768:DaPQS/SotERDruDSXG9DlLzwY/ywY89aueQUJUU/jR/nitsLnn+f2LD7X:DaYTRHSrVyh89iQUJ1jdnYsLn6s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f523ce38da98bc558fe427d0e2ebe3a5_JaffaCakes118

Files

f523ce38da98bc558fe427d0e2ebe3a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0712b68a626a18552dcd01821ecd10e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GetTempFileNameW
SetConsoleCursor
GlobalUnWire
DeleteFileA
GetHandleInformation
DeleteVolumeMountPointW
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
GetConsoleCP
MapViewOfFileEx
GlobalFree
LocalLock
FindCloseChangeNotification
GetFullPathNameW
ResetEvent
CreateWaitableTimerW
GetLogicalDrives
MoveFileWithProgressW
SetCommBreak
SetConsoleInputExeNameW

Sections

.data
Size: 4KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ