24484c3b3748bcf4b66df8115adba1d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24484c3b3748bcf4b66df8115adba1d0_JaffaCakes118
Size

104KB
MD5

24484c3b3748bcf4b66df8115adba1d0
SHA1

6ce3f46f47513b4284def7bc3f8491466d0ffa84
SHA256

7ccae3801a3fcfe0efd55d39eed0ed44290bc70eadbeaaf888038c31db880fca
SHA512

1a5f5735d5b8b3aff1650c20f1c5d752e65012fde5da68a6b4e9f37e41e1f071ebbb6bc218e24a4c2f5dccaf726d8c2a223af239e20bf94ad3b4b36729a2b10b
SSDEEP

1536:c8UvhLpnm0+PEE6yxqLrbpO4nqeTuHvz/D5TiJjD5M1+g6ne2xcZCbRShWci+MU0:U60+PEEx8Pg4nqnHvzk21+NnLARI+p0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24484c3b3748bcf4b66df8115adba1d0_JaffaCakes118

Files

24484c3b3748bcf4b66df8115adba1d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1bc0e2d11dd957f426926924f850f63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
RegisterConsoleOS2
InterlockedExchangeAdd
CancelDeviceWakeupRequest
GetCPInfoExA
PulseEvent
ExitProcess
GetStartupInfoA

Sections

CODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack329
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE