425b9512544fa0272c71b93e082ce2a4_JaffaCakes118 | Triage

Sharing

General

Target

425b9512544fa0272c71b93e082ce2a4_JaffaCakes118
Size

83KB
MD5

425b9512544fa0272c71b93e082ce2a4
SHA1

a073de03ce7cba5fafdb5c5cfaaf659ce4af5645
SHA256

5e6876c08e1b4735c4c83bc8e0f7b444fd8b7c392aa615a7d6ef3f137cbbeb7b
SHA512

f8b083a75dc519974722092ab8e05f1faec606ab1de93c16d81cdeba2fb41c73aa7d9cd0bc13be8e4a93c1639d864e04bdf94d529ec115cd193dcc4d0970bc45
SSDEEP

1536:E/ujqXQtoUBOmVQv4KaS0jnbWaCjS6yT9LRlKhGSJ6OOXwZkGXI7VEijEErxTWD2:MKbKa1rbWKh9dlKhl4kI7VXjBkMqhGKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
425b9512544fa0272c71b93e082ce2a4_JaffaCakes118

Files

425b9512544fa0272c71b93e082ce2a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

612d94f0644a1936d58172144ceeb256

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleTitleA
SetConsoleMode
GetOEMCP
MultiByteToWideChar
QueryInformationJobObject
FindVolumeClose
CloseProfileUserMapping
GetPrivateProfileSectionW
FoldStringA
SetUnhandledExceptionFilter

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE