533cd3179b9a8ece0b478e26295a1031_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

533cd3179b9a8ece0b478e26295a1031_JaffaCakes118
Size

132KB
MD5

533cd3179b9a8ece0b478e26295a1031
SHA1

62acd19e7e8091558686ef9413b60c808a933d7c
SHA256

e0be34dabe688c7495636948d17665b1d5016c830cb11dc05572bb41d33d4d82
SHA512

df4894fe3b657cad05927f19793ec75e1fcbb5242620f43300e86e88544b69ca94457b033e3cef952e8696127d50a0cb0fb965616584e6a815f4c15aacd9505a
SSDEEP

3072:ZA9F1TFPPCUEngBzTX0OPxHrITXb3lpP4SAbH:ZY116n6zTXd5rITlpP4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
533cd3179b9a8ece0b478e26295a1031_JaffaCakes118

Files

533cd3179b9a8ece0b478e26295a1031_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc050148dec817be493e3cf535ea0c18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenJobObjectA
SetEndOfFile
GetConsoleCommandHistoryLengthA
_lopen
LCMapStringA
TlsGetValue
SetConsoleInputExeNameA
GetLargestConsoleWindowSize
VerifyVersionInfoA
Beep
WriteConsoleInputVDMA
FormatMessageA
UTUnRegister
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

itext
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ