243bb3ba30c902db48d28152f07432d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

243bb3ba30c902db48d28152f07432d8_JaffaCakes118
Size

37KB
MD5

243bb3ba30c902db48d28152f07432d8
SHA1

7f9970c2f29a9df229665daf53e4880d8fafedcd
SHA256

7bbb5d9706c97f3ed3acf60b6bab78f69bff3646e574bb9768cdbc1839b9cbb0
SHA512

237b4d9d167d1444001a4b5f6aa9026744cbc334b23af91256251865bbd88a5a4d1bdc16eb45dd448b9a9ecf286d2e4e4636ec274614578d7e5704c9d65e9487
SSDEEP

768:NlvhHcusXk5U+mIsEUxX0fwT2ieIXtrgkMV9MJ:RiXuFsEEXbXdHMr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
243bb3ba30c902db48d28152f07432d8_JaffaCakes118

Files

243bb3ba30c902db48d28152f07432d8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd0c9c169105f977597675fc22bd11d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommModemStatus
GetLastError

gdi32

CancelDC

Sections

.text
Size: 23KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vnndfdx
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE