Static task: static1
Behavioral task: behavioral1
Sample: 08b119e8ccadeac5e5c6c778463c18b4_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 08b119e8ccadeac5e5c6c778463c18b4_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 08b119e8ccadeac5e5c6c778463c18b4_JaffaCakes118
Size: 44KB
MD5: 08b119e8ccadeac5e5c6c778463c18b4
SHA1: 161e50584fbe1590b925fdf4f31da12f77a1bf4e
SHA256: fcd8700085688c073d4e236f4bebb3b6a80af367c4f551c032f559e5aa7837cf
SHA512: 1a059f6426e0c0b34af1242274239d526242e18b64dcdd335f96f2d0bfd5de80b97a694ddcae5b71688f5c265cca5cfd8b990f354c70db8cfb1b30a85c619471
SSDEEP: 768:uL5VRbugWjUFxwRwuKZBZkURoQ30ScFjXX4pr15Z:kIgPwR+ZBWZBFjn4l7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 08b119e8ccadeac5e5c6c778463c18b4_JaffaCakes118
Files
08b119e8ccadeac5e5c6c778463c18b4_JaffaCakes118.exe windows:4 windows x86 arch:x86
7c72b88a926771528aa06a274e1c1456
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtectEx
SetFileApisToOEM
GlobalReAlloc
GetCommProperties
ReadFile
WaitForSingleObjectEx
EnterCriticalSection
GetLargestConsoleWindowSize
GetUserDefaultLangID
SetProcessPriorityBoost
GetProcAddress
GetSystemPowerStatus
GetFileAttributesExW
GetLastError
RegisterWowBaseHandlers
IsValidCodePage
CancelDeviceWakeupRequest
ReplaceFile
FindFirstFileExA
GetCurrentProcess
EscapeCommFunction
VerifyConsoleIoHandle
SwitchToFiber
EnumDateFormatsW
_lwrite
EndUpdateResourceA
LoadLibraryA
SetComputerNameA
SetConsoleDisplayMode
ClearCommBreak
GetCommandLineW
user32
SetCapture
Sections
.text Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE