2421870263c491156c55883e1026844d_JaffaCakes118 | Triage

Sharing

General

Target

2421870263c491156c55883e1026844d_JaffaCakes118
Size

110KB
MD5

2421870263c491156c55883e1026844d
SHA1

b1d53f74e0878fbfbd4f980dbea5ea25be8e1e09
SHA256

c0cc2eb5bed985e5152f94b51c6439f67d5fb0918dc7781f03680e7caf67610e
SHA512

c803069bcc7bb5a274575f6901fe8fba4f2b868c54c4cf243e5213b8767e6729cd324c9e004c9d8c0f382d4425c412b3fff416831661ba1949a4a07aadfa7700
SSDEEP

1536:rgf+63BVmUJ7+KPYsq/ueoEQCYoKdS+IvmSYNxgHGsBz0akj3Ptb6QAcNbX76I3H:S6CQEqv7pc5SCsu2oh40kv3VucVEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2421870263c491156c55883e1026844d_JaffaCakes118

Files

2421870263c491156c55883e1026844d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5785f6d45a1c2aa968b57cd39959b5ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ContinueDebugEvent
WriteConsoleInputW
GetFileType
GetDateFormatW
GetConsoleKeyboardLayoutNameA
CreateMailslotA
SetCriticalSectionSpinCount
CancelIo
WritePrivateProfileStructA
TlsAlloc
VirtualProtectEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 41KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE