1412d60920ca86f26dfdbedda2e3786f_JaffaCakes118 | Triage

Sharing

General

Target

1412d60920ca86f26dfdbedda2e3786f_JaffaCakes118
Size

472KB
MD5

1412d60920ca86f26dfdbedda2e3786f
SHA1

44843fc5affe697b65fc9431a6f7d4d0d28ced91
SHA256

af4bd528b68ac052bb8d00f76e0490f636bbcfd8bafeb02e0ca9cf6a5568ea42
SHA512

fc7151cabfca31f852e21a4db1368f0b1f8135c721bb5cb3117b10b6105d63f657082c8c3c9c7ea752d6c75dd6c23b99a9b5ff8b461a059063db2b2ba448280a
SSDEEP

6144:Bylu6uz5Y49Bqi5qZ366VuUxY9tRElNCgeVTiARduu0npl:0lpMjof3B8UxYbwCXVTRduJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1412d60920ca86f26dfdbedda2e3786f_JaffaCakes118

Files

1412d60920ca86f26dfdbedda2e3786f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ce3d12c1e627e8d17ec81c2525a472e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertDefaultLocale
UpdateResourceA
SetErrorMode
GetCommProperties
GetModuleHandleA
VirtualProtect
WTSGetActiveConsoleSessionId
FreeConsole
GetLastError
GetStdHandle
GetConsoleWindow
GetConsoleScreenBufferInfo
ScrollConsoleScreenBufferA
VirtualQuery
SetFileApisToANSI

user32

FindWindowExA
ShowWindow

msvcrt

iswupper
sprintf
localeconv
printf
memcpy

clusapi

ClusterNodeControl

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 877B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ