27578e034c453a9499f45af95f04c066_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27578e034c453a9499f45af95f04c066_JaffaCakes118
Size

188KB
MD5

27578e034c453a9499f45af95f04c066
SHA1

740e2b1dcb012c581c5e50ae9d9dcc282bc67a5c
SHA256

daafdcf8e9e1b7b43b3bb5816db15ca0e75c3317e59745175ada5375ad1e8e3a
SHA512

efb735863e60d7ef82278e63ef10a0dd2f435d3793124af14521b4ad5383ee9ee4cdb36f5bc8abac4bb9ac91ef93d8823f66f06cecfdc725439267fdacd6c975
SSDEEP

3072:POVpiDpAGXidvmmVC/7yeC5jCKXiZMr40fyIIdzgZnGDrxDr+muSEkYsr9mIJhB:Gvp8MT4yeCZCBir4yyIa8ZnGD9uR9Iwf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27578e034c453a9499f45af95f04c066_JaffaCakes118

Files

27578e034c453a9499f45af95f04c066_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5c667091f9d8225dfbc962bb0cfac52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
InterlockedDecrement
ConvertDefaultLocale
GetVersion
GetDateFormatA
OutputDebugStringA
lstrlen
CreatePipe
ExitProcess
LocalCompact
HeapDestroy
SetConsoleCursorInfo
ExitProcess
GetStartupInfoA

Sections

CODE
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack329
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA