1104d8c71b07fb6c5f9213626d911ed0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1104d8c71b07fb6c5f9213626d911ed0_JaffaCakes118
Size

66KB
MD5

1104d8c71b07fb6c5f9213626d911ed0
SHA1

a5bbc6b04d0ac7ad60c4c7065f4251c09fa6581e
SHA256

0ccb2b085306c7c42c9e5c1f71e57b09335b087176221c1811a11d8ef6898f56
SHA512

4cdeb50baa7a44630607a3b2d07f99bce07db6b91982c8621e1e9143b5cd2ae0070324b8500473d51a2361b15513dfd38c2c798a7bf1da8c6f66fd7f32d180e0
SSDEEP

1536:QNBjt+y32DILJSDKRj4sNh/IB6FXv98LriFi:QNBjx3cMIDwssXIYf98LW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1104d8c71b07fb6c5f9213626d911ed0_JaffaCakes118

Files

1104d8c71b07fb6c5f9213626d911ed0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3aaa2b22cde9dc88e9ba7252945cfe81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputExA
RestoreLastError
GetDiskFreeSpaceExW
GetProcessAffinityMask
WriteProfileSectionW
GetLargestConsoleWindowSize
GetProcAddress
PrivCopyFileExW
GetFullPathNameA
LocalCompact

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE