Static task: static1
Behavioral task: behavioral1
Sample: f7a1dc45ac9bba44487cce79c31e956f_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f7a1dc45ac9bba44487cce79c31e956f_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f7a1dc45ac9bba44487cce79c31e956f_JaffaCakes118
Size: 181KB
MD5: f7a1dc45ac9bba44487cce79c31e956f
SHA1: cd6f9c51b6303c99fb9546713c80611e89f3ece0
SHA256: 9094e965df63d7e20c9a537de65a70217c2c434a22cb38d2b806613bcb19c571
SHA512: f3a4f58b5d7df6ee92895f6fbeeb481233874b9699b5ea52f9546facbe87e758a051a6eccd766d2b04c8ff51355679e9db164fbef6750a1b446f0428103be2f6
SSDEEP: 3072:SMxbqlwmnqA3XW8nuFJ0NZgNpxxbWptk7+ZVxOXtOlM0fs9AaRvOkOqflQid:LNqP7nW8IGUxbWtk7Ye0E9ACJgi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f7a1dc45ac9bba44487cce79c31e956f_JaffaCakes118
Files
f7a1dc45ac9bba44487cce79c31e956f_JaffaCakes118.exe windows:4 windows x86 arch:x86
13b4a887c9c9a452360553e417a2fadf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadConsoleOutputCharacterW
SetTapeParameters
GetCommTimeouts
QueryDosDeviceA
OpenSemaphoreA
SetComputerNameExW
GetPrivateProfileIntW
CallNamedPipeA
CreateHardLinkW
GetCommandLineA
ExitProcess
GetStartupInfoA
user32
SetWindowContextHelpId
BeginPaint
GetPropW
IMPQueryIMEA
DrawIcon
DdeImpersonateClient
DispatchMessageA
MenuItemFromPoint
shell32
SHGetInstanceExplorer
SHIsFileAvailableOffline
SHGetDiskFreeSpaceExW
SHQueryRecycleBinA
Sections
.code Size: 5KB - Virtual size: 809KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 172KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE