227f22c55d082e4f8361fda6f0136ac8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

227f22c55d082e4f8361fda6f0136ac8_JaffaCakes118
Size

63KB
MD5

227f22c55d082e4f8361fda6f0136ac8
SHA1

270ebf7b4a5fadc5de42c00fc4a675b24c581fec
SHA256

3124910052d9011805b61ca4c83a7707c3773aa2ad738e4822031956ea0f8deb
SHA512

1eb2aaffaab3a13b8cb15a25406827f2ae36a09fd9e855320d189cb883f5e00a95d4e6073558939f9269e28cfea1bf45cb20d7a4c8b44cbbe72f7ae6865bb794
SSDEEP

1536:n4MZ3KzAIB3EmPkWPfOmtTfzer+HJOVcp2oQe8X5w:nbZ3+BEmDXZfz/ikRQeYw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
227f22c55d082e4f8361fda6f0136ac8_JaffaCakes118

Files

227f22c55d082e4f8361fda6f0136ac8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3db7382083b7ad8c3617fa6c3f0b16eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpungeConsoleCommandHistoryW
GetProfileIntA
WaitForMultipleObjects
GetVolumePathNameW
SetVDMCurrentDirectories
CompareStringA
InterlockedExchange
HeapCompact
PeekConsoleInputW
CheckNameLegalDOS8Dot3A

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE