253bd88742d06698a369a479a2e50bef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

253bd88742d06698a369a479a2e50bef_JaffaCakes118
Size

171KB
MD5

253bd88742d06698a369a479a2e50bef
SHA1

0bfc19713a30f73ef990f4c07ed034d017ffdb25
SHA256

cefdf310f2c3ede9bb1a932ce199add6f0554ac163d1ec4ef2de93f188e0ad0e
SHA512

4edd506d2f1c85cb17f98b7e54486ea583a7a29a7b9a19c547066d8b380a7d7aefcac8dc77490a38903771664e294601e8d4a7befe5a63c86254dd083c15efba
SSDEEP

3072:t2dXNPjsGqMbhQFU9VY7xaOGSde2/2fmtXTWyZfCOTuZ0Pj6lRaQYO5w4P3yl:t2dXRbXhQFOjSdrxtqEbiAfZO5w4P3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
253bd88742d06698a369a479a2e50bef_JaffaCakes118

Files

253bd88742d06698a369a479a2e50bef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5a5d6834d3bd6f751f9e5fe9b709f5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseInitAppcompatCacheSupport
ReadDirectoryChangesW
GetProfileIntA
GetCommandLineA
DecodeSystemPointer
Heap32Next
CreateJobObjectA
SetConsoleHardwareState
ExpungeConsoleCommandHistoryW
ClearCommError

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 157KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE