4211b2d7121c11d5f032e6620030a384_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4211b2d7121c11d5f032e6620030a384_JaffaCakes118
Size

811KB
MD5

4211b2d7121c11d5f032e6620030a384
SHA1

3c0ddc0321314fe44b3a5cce7a2deeb497a58bcf
SHA256

8116d7183e7de0c11badc305a324fd417ae0ce6d8dcab1f1c6e3a365cfe62885
SHA512

dd9510a517bcf6381b1ac9ef7f5962c3ef72f6c65c265b52e4b40996a7e95bcb24185fa99ecce465318e7e9ea07d392129daad30e47e14a08ad41bb1ad901a90
SSDEEP

24576:dS7avfaJR8vyVQBUj3gE4cxkLl91Ewbhtcgr1AP+xm:g7SartaUj3LOPciAP8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4211b2d7121c11d5f032e6620030a384_JaffaCakes118

Files

4211b2d7121c11d5f032e6620030a384_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d52c22fd3713861a49f85e93bdd4686

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OpenMutexW
lstrcpyW
GetLogicalDrives
GetLogicalDriveStringsW
GetStdHandle
LoadLibraryW
GetStringTypeA
VirtualProtect
GetFileAttributesA
GetLogicalDrives
CreateEventA
SetCurrentDirectoryW
GetLogicalDrives
GetLogicalDrives
GetVersion
GetModuleHandleA

scrrun

DllRegisterServer
DllCanUnloadNow
DllUnregisterServer
DoOpenPipeStream

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ydata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 802KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ