22e3ecb90cd95d11f3672c429853f035_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22e3ecb90cd95d11f3672c429853f035_JaffaCakes118
Size

216KB
MD5

22e3ecb90cd95d11f3672c429853f035
SHA1

4aba8626995d51c5006046d5fa1ae1e4d19cb497
SHA256

72f1aed17863cbaf57df473e4ae45e8e8a11266339727fc3f396a41d72e692ec
SHA512

f17afcc80ad8f7bc21c3c103197f71786f5b4b17fe2d8487ec768fde66e922f7c42fedb414b1a98e15df1b6098817b7973c3c52ed78b3c60ac6f0ad853e91e37
SSDEEP

3072:FK7FbpjruGz2BhRXNrvIScj3znsdfTSD1GAQq0SqlXDYZkr0qnfetvimSpmMb/GI:FKVxuGihXNrvZcfnsdf8UptVr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22e3ecb90cd95d11f3672c429853f035_JaffaCakes118

Files

22e3ecb90cd95d11f3672c429853f035_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05be7cf1805e4436c1c119cea279a79c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetConsoleAliasExesLengthA
lstrcmpi
TerminateProcess
FindFirstChangeNotificationA
GetNumaAvailableMemory
SetLocalTime
FreeLibrary
GenerateConsoleCtrlEvent
lstrcmp
GetCPInfoExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE