1c3580926d6658d0cdca14586cd24746_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c3580926d6658d0cdca14586cd24746_JaffaCakes118
Size

33KB
MD5

1c3580926d6658d0cdca14586cd24746
SHA1

09db412725ce8fd67169e1fb12bd306b2a7fe0d8
SHA256

3f1b8426617f6ae4519cd293ad1b6bee7d6ea0bf9cf5ae241d5acc1a766bb29e
SHA512

12af6663dc726d05183c7582cef3c5618556e9859e1492a28e63321b8fc8a0d714bd98350235d04dca8eecc8fade1be6c1bc2e8b093ec92d5902864a0a05835b
SSDEEP

768:LHIJszNvn2Q41BA8fInXD/fmyP6rwcle3h1O0N5:LSszV41BF6XTD9cle3vO0N5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c3580926d6658d0cdca14586cd24746_JaffaCakes118

Files

1c3580926d6658d0cdca14586cd24746_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa3949546c400799a383e76fca27139e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
FindAtomW
CreateWaitableTimerA
EnumTimeFormatsA
FormatMessageA
GetDiskFreeSpaceExA
WriteConsoleOutputA
EnumResourceLanguagesA
FindNextFileA
WriteConsoleOutputA
DefineDosDeviceA

user32

VkKeyScanExA
RegisterDeviceNotificationA
CharLowerW
CharPrevA
DrawTextA
CreateMDIWindowA
CharUpperA
LoadMenuA
GetMessageA

gdi32

ExtTextOutW
StartDocA
ResetDCA
GetLogColorSpaceW
EnumFontFamiliesExA

Sections

.tls
Size: 24KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.masm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 1024B - Virtual size: 782B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ