Static task
static1
Behavioral task
behavioral1
Sample
01c561c3b29ecb3e88ef6ceed257aa86_JaffaCakes118.exe
Resource
win7-20231129-en
General
Target: 01c561c3b29ecb3e88ef6ceed257aa86_JaffaCakes118
Size: 180KB
MD5: 01c561c3b29ecb3e88ef6ceed257aa86
SHA1: a35c24a2dca1f796a659ea86799188a3075c7f3d
SHA256: 6d02b35dd24b397de2001c451f1a2ddb442ceac2fc533286271b0c07e7b7d4c8
SHA512: 7c0e4212512a427dffdc383e43bdb00f0372b789eb5a27d939d396cf98b231ccb3258c09652c8f31258c3085f9ca66405301015887c5a384665ecb1e249dbb6a
SSDEEP: 1536:WpYNpkfcNffa3qM/O6ZWxP+EP1AVawSS0J5kM1xg1AJM+nfLjxOtTeV+WzplA:5kfOfi3TOcWxP+EqaweJ1OwXxueV+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 01c561c3b29ecb3e88ef6ceed257aa86_JaffaCakes118
Files
01c561c3b29ecb3e88ef6ceed257aa86_JaffaCakes118.exe windows:6 windows x86 arch:x86
31de12bd0944475e0ef091d7d9472af9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winscard
SCardLocateCardsA
user32
DdePostAdvise
SetMenu
IsCharUpperW
CountClipboardFormats
GetMessageExtraInfo
GetCursorPos
gdi32
CopyMetaFileA
PlayEnhMetaFileRecord
EndDoc
kernel32
GetNativeSystemInfo
LCIDToLocaleName
GetConsoleWindow
GetLogicalDrives
LocalFileTimeToFileTime
GetNLSVersion
GetConsoleHistoryInfo
IsValidLocale
SetEvent
GetCommandLineA
GetSystemTimeAdjustment
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CRT Size: 88KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ