158503131e500bec3ab56d45f9003b91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

158503131e500bec3ab56d45f9003b91_JaffaCakes118
Size

240KB
MD5

158503131e500bec3ab56d45f9003b91
SHA1

8c6f9587e5f3950b4b3d63d3c8f695ba226a866d
SHA256

ae5d6baa09b4ee6393fe46a6c4acd9c9579e2ff12ede436edad9999119f39fd5
SHA512

5610a23473682edd6611d2b74db55a05fc58259fe55cb81b7feb93a919d1e3fcf4f9257f20bdd83be120a99920b2f2be6e84801bdb8059e59f301211d5232184
SSDEEP

3072:I4zgTvJSw3CRu6/UcxIQ2Aa+9kw9nV7UGMeWtuF5z6pqPKHgqMq4Np/VvRdTG:IQgkw0/Ucx9ap2nV7Mty5RHbTvZDK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
158503131e500bec3ab56d45f9003b91_JaffaCakes118

Files

158503131e500bec3ab56d45f9003b91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39415e219432f8d0c03bf0cafddc452a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputW
InterlockedIncrement
ExpandEnvironmentStringsA
BuildCommDCBA
WriteFileEx
AllocConsole
SetEndOfFile
SetHandleCount
SetCommTimeouts

user32

DeferWindowPos
SetPropW
SetUserObjectInformationW
PeekMessageW
SetUserObjectSecurity
GetClipboardFormatNameW
GetUpdateRect

gdi32

SetBitmapDimensionEx
GetSystemPaletteUse
FrameRgn

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE