55fa675c0284e85399db886c2c22429b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55fa675c0284e85399db886c2c22429b_JaffaCakes118
Size

83KB
MD5

55fa675c0284e85399db886c2c22429b
SHA1

00478cb8bff993d2f20d77fb0523e25f931294b1
SHA256

784fc807810cf56307e209dc4d59eaf4d18ae0f9066322e63da51aafa2e6217b
SHA512

654a4750deeb924b3cf095e8be39aec9103760eb76ec2a17dd259f9af8570c4b7a8d39a4b9ea4c0b6c2533cd05de0b2201cb2b2eef98117dcfa802159d605c64
SSDEEP

1536:soWWLVYFeXnCln+s/IDFdTaE0mQa/klE+WG25VCW/yjEErxTWDTMqhGKYIZTET8Y:soWWLVBCYs/YTaE0m1/5+WTh/yjBkMq4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55fa675c0284e85399db886c2c22429b_JaffaCakes118

Files

55fa675c0284e85399db886c2c22429b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec4ffc4ac11e7eca16b2559b970a9b3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleContext
LZOpenFileA
SetConsoleInputExeNameW
SetComputerNameA
GetDefaultCommConfigW
GetACP
Module32Next
GetPrivateProfileSectionNamesW
EnumResourceTypesW
CompareFileTime
GetNextVDMCommand

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE