09dbc835caa207dd975b68004ce70364_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09dbc835caa207dd975b68004ce70364_JaffaCakes118
Size

83KB
MD5

09dbc835caa207dd975b68004ce70364
SHA1

0a0511641e6692c5bd830471b3b02ae565dfa9a6
SHA256

d83884917d84e2434cf668149e86865af39a1e2166577bd927fbc3247017e0b0
SHA512

02167cd1c7b64704ca200b397e62193e19f07d07fcd02819a99e7a1f0e49687418bd06f694086be612c1b71d14a39cb922d4b6fc8ad6fb06be1ec2305a53a12f
SSDEEP

1536:B3G3c45b6LDAvZIESqRex0eDZrSdGMpjVrs2ryrd1vUQuq:B3GFb6L8vZIEStx0WOIMHs2q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09dbc835caa207dd975b68004ce70364_JaffaCakes118

Files

09dbc835caa207dd975b68004ce70364_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6eb1d48f8af168106c306e4df363b44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasA
RemoveLocalAlternateComputerNameA
SetConsoleCursor
BuildCommDCBA
GetDiskFreeSpaceExW
GetTempPathW
SetConsoleOutputCP
GetPrivateProfileStringW
BindIoCompletionCallback
GetConsoleInputWaitHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE