14951329bab16279b12090a5cc73a520_JaffaCakes118 | Triage

Sharing

General

Target

14951329bab16279b12090a5cc73a520_JaffaCakes118
Size

56KB
MD5

14951329bab16279b12090a5cc73a520
SHA1

3052ca7f3d02146edb8235454ddf9405c78bc00d
SHA256

4cdc1295499ff4e1eff75cdb164d0c19bc846d0ffb4ec8ef683c85529834c529
SHA512

a896d66796a335b0ecfad8d83a4c1ffc676252478a7313dcf9ebf9f7fabd1dd6a7453e01933e502fc48c12e7bcbddb30487fee49864c4e13c36be24914581046
SSDEEP

768:cE3kDU0h7UcYk6FJ4XMZ6CWcb7hrGTN77RK4HCNTrEHuGcCO7nbVgjwS/07/2RVs:3QUO3kkCLkZ7GT5GpOls0m6VFjvs6h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14951329bab16279b12090a5cc73a520_JaffaCakes118

Files

14951329bab16279b12090a5cc73a520_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0defebedf1a9432a05cf77c9ae2f266

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
HeapCompact
ScrollConsoleScreenBufferA
SetCommTimeouts
PrivCopyFileExW
WaitForMultipleObjectsEx
ReadFileEx
FindResourceExA
SetConsoleTitleA
_lopen
HeapSummary
GetShortPathNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE