fe2903e43c74fdc05b3a76d78c2d721e_JaffaCakes118 | Triage

Sharing

General

Target

fe2903e43c74fdc05b3a76d78c2d721e_JaffaCakes118
Size

30KB
MD5

fe2903e43c74fdc05b3a76d78c2d721e
SHA1

4657c052b4aeff6e40eb6da605444a96d8d6686b
SHA256

0d9ba39cc0dc89014c60544d3c9464616cc6a4d328dce8b1ea7700fcd72bb36d
SHA512

109c1b4d8d10d9e3832e7c94d37ec7cc0a2571030b4ff5de34b5e00e9c1eac799a27a496c5e27fd2cf8f2a3a7f644dcea8110ff4561ececa677fac766c9035f4
SSDEEP

384:8mUSFF8vdcjsbpoOAC0HjnJ8wRTCRjfGaLUYuNi1Z7oEZCrquxzOcxkd1ZfkwNGU:vlF0dLyHjJ8iTOzGI2Y1ZZOlkVfkVIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe2903e43c74fdc05b3a76d78c2d721e_JaffaCakes118

Files

fe2903e43c74fdc05b3a76d78c2d721e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3fac0ff3e415b8915ba486bbb22c109

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
EnumSystemLocalesA
EnumUILanguagesW
FindResourceA
QueryPerformanceFrequency
FreeEnvironmentStringsW
GetFullPathNameA
GetBinaryTypeW
GetVersionExA
GetNumberFormatW
GetCurrencyFormatA
GetLocaleInfoW
SetEndOfFile
DeleteFileA
ConnectNamedPipe
FindResourceExA
lstrcpyn
EnumResourceTypesA
ReadConsoleInputA
WaitNamedPipeW
ReadConsoleOutputW
SetConsoleCursorMode
OpenEventW
GetThreadPriorityBoost
TlsAlloc
lstrcpyW
GetUserDefaultUILanguage
ChangeTimerQueueTimer
CreateTapePartition
GetTapeStatus
GetThreadContext
RegisterConsoleVDM
GetConsoleAliasExesLengthW
QueryInformationJobObject
RegisterWaitForInputIdle
VerLanguageNameW

Sections

code
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ