1085fce7ac9fa892eda2ff93a210bc8d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1085fce7ac9fa892eda2ff93a210bc8d_JaffaCakes118
Size

56KB
MD5

1085fce7ac9fa892eda2ff93a210bc8d
SHA1

4af1fe9f9baa397157b83ad737923e1f60a763f7
SHA256

c3eb8c1d666318f56c41c1f2911fecf41ac17a77a71063dae2f51558b71613ce
SHA512

2a444b97f5ef2a8185a973a21752ec7322ff032f9f671521774d4a7562d7de28c5febf31f01d389344da546e3ccc7d0ee944eefa4dad0fb9fae869325af398f7
SSDEEP

768:WZGwghxICHFWnsoLzLsFtTjPmB/GN3JJbecdA5Lboi/bNOehDRFqosNIvkgbtQ0r:W95dYi1qzecdA58cbN5RFd/6eVTPRIHc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1085fce7ac9fa892eda2ff93a210bc8d_JaffaCakes118

Files

1085fce7ac9fa892eda2ff93a210bc8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc48abe0666918dbe1e545e1d8197b50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyLZFile
SetConsoleActiveScreenBuffer
_llseek
HeapReAlloc
GetVolumePathNameW
Module32Next
CancelDeviceWakeupRequest
DnsHostnameToComputerNameA
TlsGetValue
lstrcpyn
MulDiv
ReadConsoleA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE