18c8e932136adab595d5ba374e33dc9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18c8e932136adab595d5ba374e33dc9d_JaffaCakes118
Size

14KB
MD5

18c8e932136adab595d5ba374e33dc9d
SHA1

3440c8f97116ce5f53889ea132b84cb70049636e
SHA256

2302c74a21cc854ceaa672f3e2eb50e0bc3ff4c9bfbb8cac965661c98e890c9c
SHA512

f81585991e94a25b276cc4270f35624ca710ed3be50776b3362cac0f3a6b0a044c38bc5635df278156025b78f3805369d6d5613dbf6a6cff382f76c5707ec950
SSDEEP

384:fPUZ3FyoPXu6lqOxvIVN5+kfJcUwIjBLdwmr5XYMnOTrZQgkzxW5g8+Wj1y/:f8ZVyC+6wOxwP5+kBcUwIjddwC5ooOZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18c8e932136adab595d5ba374e33dc9d_JaffaCakes118

Files

18c8e932136adab595d5ba374e33dc9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21694c5b47d9acd5dd46346702fc5a0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
GetPrivateProfileSectionNamesW
RegisterWaitForSingleObject
SetCommTimeouts
LocalUnlock
GetConsoleAliasW
CreateIoCompletionPort
lstrcpy
FindFirstVolumeMountPointW
FindFirstVolumeW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE