10f5d12cb165c7e22fbbd8c7a14ce247_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10f5d12cb165c7e22fbbd8c7a14ce247_JaffaCakes118
Size

21KB
MD5

10f5d12cb165c7e22fbbd8c7a14ce247
SHA1

5a9c57944a5cf2685ebf419cde658dc05ade799e
SHA256

c22d0a7dadc08f866896d6821e4f97da2ecb76e3227e69caa7b29031d1eb81fc
SHA512

3945a38ac8682e5fc0616427bd665ffcea0e658360f790be4463412de5acb8203d8d8ddfa8e136330af9610f3f04215037ade32598eb8ad8d4f7d7a8c73c35bd
SSDEEP

384:VpBCQ+bUCV45QQIleEA5+ioG80/3qGh1Vz27k790yd/RcMagxlS+0LJ35aKXbQPN:rBCQoUCV45QQIMf5+h70/3qG/VK47qyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10f5d12cb165c7e22fbbd8c7a14ce247_JaffaCakes118

Files

10f5d12cb165c7e22fbbd8c7a14ce247_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea54c01ebd887583150d7bd9c2c5a232

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VDMOperationStarted
lstrlenA
GetNumberOfConsoleInputEvents
EnumResourceNamesW
GetLogicalDriveStringsW
HeapUnlock
LZStart
ShowConsoleCursor
SetMessageWaitingIndicator
BackupSeek
CreateProcessW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE