ea980118fb55b4bbc5968ffad377a73a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea980118fb55b4bbc5968ffad377a73a_JaffaCakes118
Size

89KB
MD5

ea980118fb55b4bbc5968ffad377a73a
SHA1

f0db5c5807995e12019dca28ae6de58447468d2f
SHA256

dba4a19d971a9d4b44b6c9d882eac7eaec48e605df397448800ff26045d1345c
SHA512

d670da2890680a89a28ebf6ca472bf5d9c79b5d9de3e3a0c42a8ab6175e03b1bfda6baec76fcc227667b27615ce5310dd86308e07e4f3adc10d1011401f64705
SSDEEP

1536:hbp1WmmWsOHId7U/pmE1wYcSH9vUAhlKGHH0HN/Ye:Zp1rMOHQQpmE1wYcsvtkhJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea980118fb55b4bbc5968ffad377a73a_JaffaCakes118

Files

ea980118fb55b4bbc5968ffad377a73a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

fe12298111233f3bc1411bd63e9c78ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA

shell32

ShellExecuteA

kernel32

CloseHandle
CreateEventA
CreateFileA
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentThreadId
GetEnvironmentStringsA
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetVersion
LoadLibraryA
MultiByteToWideChar
ReadConsoleInputA
ReadFile
SetConsoleCtrlHandler
SetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFileAttributesA
SetFilePointer
SetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteFile

Sections

AUTO
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ