faa239c48312b7606f3c11e3c20b72b2_JaffaCakes118 | Triage

Sharing

General

Target

faa239c48312b7606f3c11e3c20b72b2_JaffaCakes118
Size

83KB
MD5

faa239c48312b7606f3c11e3c20b72b2
SHA1

ac1cb31c6912f01861c50e61b54c35dcd89bff32
SHA256

5ae38dbd7ddebffff8248aa46733b335029db4f37e5474f9a979f12e54db9de1
SHA512

6c138c45980541743b8307c5c24e0f26ecbc82fceeb95007712bc25adc78dc66d519c41191af1c0902feea2fe1acc0e7aa9c1836c687acbba4c0f046bdeeb2e7
SSDEEP

1536:1j/FbaC/ls/4RC/lP7N8sCuRlzepNgG2jEErxTWDTMqhGKYIZTET8bDQ:FN1/loRljN8sfKHgjBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa239c48312b7606f3c11e3c20b72b2_JaffaCakes118

Files

faa239c48312b7606f3c11e3c20b72b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8425d58ec4a04a4b44722721b658bcee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
MapUserPhysicalPages
GetWindowsDirectoryW
WritePrivateProfileSectionA
GetGeoInfoA
GetModuleHandleExW
_hwrite
GetConsoleFontSize
MapViewOfFileEx
GetThreadPriority
WriteFile

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE