11d7f7c3f85cccd05c29df2110a29f52_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11d7f7c3f85cccd05c29df2110a29f52_JaffaCakes118
Size

94KB
MD5

11d7f7c3f85cccd05c29df2110a29f52
SHA1

060ba730a25a06d4e428e4f3f557ce0ce6c341d4
SHA256

2447cc59bcc8e54077439e41ac7521118c93c355ecd3283c2034d040b49ce72d
SHA512

ff7ddcbb206259f4f5ac77736c3d80b7d02656c31b53dccbf0026a476fa0deb7b95d7fc862ea76038a5bcfe5bfcf1521b86800641b0ab38f92f19395e1cf3951
SSDEEP

1536:h+8KHHdJ8PNXkgel6kGJP8vEsDEA7pDFc8YaEJwZK4/83ZoMOALLbwTc:hjKH9yFXzPHP8dT7pDFhZEXtpxLLbCc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11d7f7c3f85cccd05c29df2110a29f52_JaffaCakes118

Files

11d7f7c3f85cccd05c29df2110a29f52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7facbd3dc97744664fd5de0740efb9c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
LocalLock
CancelWaitableTimer
SearchPathA
GetConsoleInputExeNameA
WinExec
ShowConsoleCursor
MulDiv
SetEnvironmentVariableA
GetComputerNameExA
MapViewOfFile
GlobalAddAtomW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE