174778d88c71b63e5233d0a7ac2da220_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

174778d88c71b63e5233d0a7ac2da220_JaffaCakes118
Size

18KB
MD5

174778d88c71b63e5233d0a7ac2da220
SHA1

72782b511a4fe7dcc8bd16f6c5e1b78d687fd1c5
SHA256

f6147541bb30412fd4b50fa9a9492a159fa23e3eb2809b0887ac9a6caf827ef0
SHA512

693e32a55ec52350fd5a0b38b92190e9dc7b8ce259faac49533bd17f656cad0e5ffa76ee59e10807fe4230e9c1febb737bfb65735ab857646f27c2c964c796e5
SSDEEP

384:d7LDpUa7mEFN8ZKtMY5wPzpvAQWw/BRh4ai8chQdzhOw+QzRlKJ5xy5CQG:l1/7m0NvtMewPzBAQWw/BQK6QR4bQ1sz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
174778d88c71b63e5233d0a7ac2da220_JaffaCakes118

Files

174778d88c71b63e5233d0a7ac2da220_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1cd72cb52cc5fcfc1672249947ecbd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddConsoleAliasW
QueryDepthSList
UnregisterWait
CreateVirtualBuffer
FindFirstFileA
IsDebuggerPresent
MoveFileA
SetThreadIdealProcessor
GetFullPathNameW
GetConsoleCP
GetConsoleCP
SetUserGeoID

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE