ec16858a92bbc3ae007afc09d8a47cea_JaffaCakes118 | Triage

Sharing

General

Target

ec16858a92bbc3ae007afc09d8a47cea_JaffaCakes118
Size

69KB
MD5

ec16858a92bbc3ae007afc09d8a47cea
SHA1

34a06063e65afaba49c30dcd4a7eaf2811e6442b
SHA256

92868cf32c9a3a255e99ccf368db7b81221fa0c0a6b2d29b74e45e9998cf6061
SHA512

c2113642cff90763128d66f04c9e727fc5ba221a04ed95aa687acf7796f38ee44a9a4495dda01c18664b2c2f1ab845206f3dc751de514de1f19777e940571aec
SSDEEP

1536:gGmORhb6dT0nty0BuHOghbpju8G8miLsBTp7aTYG:4wtyIuDY8ma6l7aTY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec16858a92bbc3ae007afc09d8a47cea_JaffaCakes118

Files

ec16858a92bbc3ae007afc09d8a47cea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7169a2e1b1edaef29109c75ef91e68b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RequestWakeupLatency
SetProcessAffinityMask
ExitVDM
GetProfileStringA
FindVolumeMountPointClose
GetFileType
EnumSystemLanguageGroupsA
DuplicateHandle
RemoveDirectoryA
RegisterConsoleOS2
GetBinaryTypeW
IsBadStringPtrW
GetProfileStringA
GetConsoleCursorInfo
FreeConsole
GetFileInformationByHandle
RtlMoveMemory
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

CreateHbchudjx
InitFuwnyxtl

Sections

.text
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE