Static task
static1
Behavioral task
behavioral1
Sample
573b8cf14550fa97a75fb2a92f23c9a0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
573b8cf14550fa97a75fb2a92f23c9a0_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
573b8cf14550fa97a75fb2a92f23c9a0_JaffaCakes118
Size
55KB
MD5
573b8cf14550fa97a75fb2a92f23c9a0
SHA1
970e8f17919b1a456ef665f365420262411d6428
SHA256
87414acefc62750b7f2510c5776daa6511175862b56c46e17b714b95a5eff82f
SHA512
c6527b36ecbe95ff61e98207a3f97fdbd13096cab01d886915bd343ba4074c73ef7cfd6913aab389d8b6b6b344a998666534cabc6592a8246cc675084df24e04
SSDEEP
768:bSLsQK83wGInugkeLdGNRtzxRZ9sFXiZO3tjuyo1eeXIHORrDRhGyD781:SsN+yxdG1xRHg9uyVcIHuvRM1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 573b8cf14550fa97a75fb2a92f23c9a0_JaffaCakes118
Files
573b8cf14550fa97a75fb2a92f23c9a0_JaffaCakes118.exe windows:4 windows x86 arch:x86
da8bb04ffcd062e94f9fa0a5c7d619f6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLogicalDrives
GetModuleHandleW
GetShortPathNameW
GetDriveTypeA
GetTickCount
lstrcmpiA
GetExitCodeProcess
GetLastError
GetModuleHandleA
GetLocalTime
GetVersion
lstrcatW
GetStdHandle
SetEnvironmentVariableA
SetPriorityClass
SetLastError
SetFilePointer
HeapCreate
IsValidCodePage
HeapFree
GetConsoleTitleA
GetStringTypeW
TlsAlloc
netshell
DllRegisterServer
HrLaunchConnection
DllCanUnloadNow
DllGetClassObject
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dataz Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.orpc Size: 1024B - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE