526ad1a56c8d0b7a95bb85b5feaa8d4d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

526ad1a56c8d0b7a95bb85b5feaa8d4d_JaffaCakes118
Size

83KB
MD5

526ad1a56c8d0b7a95bb85b5feaa8d4d
SHA1

39a23f1a5c92328475692b2b866d4d130b5a0233
SHA256

59f7d24102beb882b5b48201127327bf095864ed80d21a6469ae045c1abea0ed
SHA512

ff262595265fbf108d16668ec19506fdaf4bef1fcd7104f5476866c1f797e7c1314eaf25de239e0a3a3436d476f555234ec58ee41f8c295222f79fa1d863d02d
SSDEEP

1536:wp/4DCqKxMLM3OHORSR0CZgdm6ejKlUtVdwz8eYjEErxTWDTMqhGKYIZTET8bDQ:wp/oCnMLM3O+I5Zgd5elVdwz8eYjBkMV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
526ad1a56c8d0b7a95bb85b5feaa8d4d_JaffaCakes118

Files

526ad1a56c8d0b7a95bb85b5feaa8d4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bf5a51c38dc748b194ec0d5cb23a4a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjectsEx
GetConsoleInputExeNameW
AddRefActCtx
SetConsoleCursorMode
VDMOperationStarted
LZCopy
VirtualLock
GetSystemDefaultLangID
SetVDMCurrentDirectories
DosPathToSessionPathW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE