01b72082223b93834b8b9567a12ee4b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01b72082223b93834b8b9567a12ee4b6_JaffaCakes118
Size

83KB
MD5

01b72082223b93834b8b9567a12ee4b6
SHA1

093e566f20da974a21f912b83b906166b95d0c0e
SHA256

ec4a096a6593c8762b03e3fab441db9ab89a2a92f472f6551e1ba0aac85a3027
SHA512

20bbc9a00107386a25803acacdb2465c948584617da1c59f0d6dae10120fd78b7bc3f1ea4ac414a7c5ad4d4c87f4ab5e9b1fa2271270ceabbf299a74e87d8988
SSDEEP

1536:io3PasMgwGOuLUa6q7GPM4QVahyhtvP6KltwFSh3tXBbUHjEErxTWDTMqhGKYIZg:iyaQwGOTBU/htTltww53UHjBkMqhGKZg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01b72082223b93834b8b9567a12ee4b6_JaffaCakes118

Files

01b72082223b93834b8b9567a12ee4b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

994e94bc869079bf0e6612151bc9ed50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
VerifyConsoleIoHandle
GetConsoleInputExeNameA
SetCommMask
IsValidLocale
GlobalMemoryStatus
MapUserPhysicalPagesScatter
LZOpenFileA
TermsrvAppInstallMode
FindNextVolumeW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE