f5b8bc9d6c30a7e917d3110ff3c49f42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5b8bc9d6c30a7e917d3110ff3c49f42_JaffaCakes118
Size

76KB
MD5

f5b8bc9d6c30a7e917d3110ff3c49f42
SHA1

4eedd132034032a776356bdcd83fa0ae6fcd5e57
SHA256

c116dcfb68309add6dc567b27ecd4724436f575583e0da2ec13647c01c1bf3b2
SHA512

aae4d06399dcde19c9ae02979fc6d4e1a0e3122f9f6554a181bde4ce5563964b8a94ba7f3506ab06af7c0d0465dd231ebceaffec9a2a331443857bb90602cb5c
SSDEEP

1536:1iFKIuyde2Nd5v1C+Mt6U+SOfZtyx7Dngy6L+7qhpjVrs2ryrd1vUQuq6:J94NdG+VOBgy6ymhHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5b8bc9d6c30a7e917d3110ff3c49f42_JaffaCakes118

Files

f5b8bc9d6c30a7e917d3110ff3c49f42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

107aeb43810ee85a2464e99f90b6aad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileScatter
MapUserPhysicalPagesScatter
RegisterConsoleIME
_lclose
FileTimeToLocalFileTime
WritePrivateProfileStringA
CancelIo
MoveFileExA
InterlockedIncrement
GetConsoleAliasExesLengthW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE