2d1858594006eb2a293a0a8b92720cf4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d1858594006eb2a293a0a8b92720cf4_JaffaCakes118
Size

76KB
MD5

2d1858594006eb2a293a0a8b92720cf4
SHA1

19efa3ba0069950bf709d370495e96ba51ea6707
SHA256

64b2f7c0c0f3c88b987ce2b19fde9a753b75566d090d47545bb3c1c71e8b955e
SHA512

268150e1bdef99243e26acfd1abcdc7c11b4ac813bc6ec56e6b4e4be2a0eb4d3ed63e292a7e48aa725eda687339195f014e120405d851ca527340a02a8871e83
SSDEEP

1536:ZIXefaKW1IOoapDDSv+q8+s/K1gsmXg10SBYc5FSZFmICyP65BQpjVrs2ryrd1vo:ZIT9sG4YQUm8PgQHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d1858594006eb2a293a0a8b92720cf4_JaffaCakes118

Files

2d1858594006eb2a293a0a8b92720cf4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e7d3db3b3a5decffa386d7d448662f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekConsoleInputW
GetNumaAvailableMemory
GetProfileStringA
SetConsoleDisplayMode
EnterCriticalSection
IsBadCodePtr
EscapeCommFunction
LZRead
GetConsoleInputExeNameW
RemoveDirectoryA
GetComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE