f41c7f29bedaf28bf6554781e3286575_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f41c7f29bedaf28bf6554781e3286575_JaffaCakes118
Size

224KB
MD5

f41c7f29bedaf28bf6554781e3286575
SHA1

9562aac00e16a6091515553e9e59a37ea1f54699
SHA256

53333eab3ee6fa2a467b8fd56ba58c504aad66bea0b2c2b6892060a5702470fc
SHA512

f41fbd6cf940a4462bc6e6737a0c0ac8878384481381f32f9d02366d74c132cf2e626fe6bc731b275cb78b10629569953f558b5409a57c3c5a7ffe325880a9f0
SSDEEP

6144:9CBzXnpPHy5vcqFDq8jwdwrZIbO8C1QbRT7n+8e:9y30vcquwaC8Ce9ne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f41c7f29bedaf28bf6554781e3286575_JaffaCakes118

Files

f41c7f29bedaf28bf6554781e3286575_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88980ca4edb38db213a2d77d0881da27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
EscapeCommFunction
SetComputerNameExW
InterlockedExchange
DeviceIoControl
GetCommandLineA
BuildCommDCBAndTimeoutsW
GetCurrentDirectoryA
lstrcpyn
WriteConsoleOutputA
GetProfileStringA
ReadConsoleA
SetFilePointer
HeapFree
GetDiskFreeSpaceExA
OpenJobObjectA
AddAtomA
VirtualAlloc
HeapWalk
OpenEventA
GetFileAttributesExA
SetPriorityClass
ReadConsoleA
HeapQueryInformation
SetLocaleInfoA
SetThreadLocale
SetEnvironmentVariableA
GetSystemTime
SetCurrentDirectoryA
HeapAlloc
GetDiskFreeSpaceA
GetProcessHeap
GetStdHandle

ws2_32

recv

Exports

Exports

GetNoruatbxpy
CreateEuekenjac
Vuumwtwxhx
ReadBdgmeqo
Vyqwtbktsa
OpenPbeukmbeetq

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 857KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ