Static task
static1
Behavioral task
behavioral1
Sample
153b78b273b9dcb158714b5f890b3e4b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
153b78b273b9dcb158714b5f890b3e4b_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 153b78b273b9dcb158714b5f890b3e4b_JaffaCakes118
Size: 305KB
MD5: 153b78b273b9dcb158714b5f890b3e4b
SHA1: 3ddebc6addc2ef82151744a83ba2fd2300d2c80e
SHA256: a3800e8069bcb59edbd393af06d8d365eb2d7ff4e369644556b9b2ef98421278
SHA512: 95e9d7e14338bf9d2c5b7fd2817292e33683f65d22fa01d7515ab89cb23867b79d60e249e2bb18bce3dbbece163dd4bd78eee9836c4b64e6da5653e38cc166a7
SSDEEP: 6144:BSRCUN7PSYhZ4QH0IsYa8k6poqsBP+s0+rKv6VFuUFKPEBGhac:BdUN2X7NRO0BP+s0+rKvqFpKPJa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 153b78b273b9dcb158714b5f890b3e4b_JaffaCakes118
Files
153b78b273b9dcb158714b5f890b3e4b_JaffaCakes118.exe windows:4 windows x86 arch:x86
07e8ce2b41f7fd0229ac8e6e63f2c927
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GetVersion
GetProcessHeap
HeapFree
GetStringTypeW
SetFilePointer
GetStringTypeW
CreateFileMappingW
GetACP
Heap32Next
HeapCreate
GetConsoleAliasW
SetEnvironmentVariableA
GetExitCodeProcess
LoadLibraryA
CreateMailslotW
DeleteFileA
GetShortPathNameW
GetModuleHandleW
SetCurrentDirectoryA
GetConsoleTitleA
WriteConsoleW
DeleteFileA
mstscax
DllCanUnloadNow
DllUnregisterServer
DllGetTscCtlVer
DllRegisterServer
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 298KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 1024B - Virtual size: 544B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ