431c791f02333ed194d4a157fe847529_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

431c791f02333ed194d4a157fe847529_JaffaCakes118
Size

76KB
MD5

431c791f02333ed194d4a157fe847529
SHA1

9aab583700344d70181c3cc7fb74c28f18d91c60
SHA256

9f1fe4206ad8e4bad0697a9c92d8070e6a76e079ffc8382e83ab05cab22bddc6
SHA512

f457089b1b1ecf8c2c431f186b474b77a5e42d7aacda0211fec423559985d4ea4ea5c10781e1fd1fe3ddea17641e54b1beda5598b581a2aa3944c912b3b3a0d5
SSDEEP

1536:fWWWfkIZIEroNCMw3nIBfN8Yt72IqQXtrkgtpjVrs2ryrd1vUQuq6:fWWWsIZI67nITxt72fQp1tHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431c791f02333ed194d4a157fe847529_JaffaCakes118

Files

431c791f02333ed194d4a157fe847529_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e64afde2d4762fae622d11ea42e31bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WTSGetActiveConsoleSessionId
ReleaseMutex
FindAtomW
WTSGetActiveConsoleSessionId
CreateJobObjectA
EnumSystemCodePagesA
GetPrivateProfileStructA
GetCurrentProcessId
SetConsoleCursorPosition
EnumDateFormatsA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE