259310d7b18e95da814918c17b440a18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

259310d7b18e95da814918c17b440a18_JaffaCakes118
Size

742KB
MD5

259310d7b18e95da814918c17b440a18
SHA1

e5ad45a2115aef6989b2c03b230bce0e7d8327f6
SHA256

aa9d0844eaa1546b71a2fd133efaed411f797a81df72493258bbf82ae58c55f9
SHA512

5ea2b4e4b60a1e8c56f8e4c6682aacb5ea630286e266f85a97933bd1610db7320539c0c5d10d5c26baee11d67a1481cc617f03c49cd03c394ad8046cfbc4f354
SSDEEP

12288:ZwZ6KdUrzIrd+Nr1eK8Ml8ugxtpEvWIUJ4I/TBAvJ2TV8:rKKrzIxie9MAxnVf9/lAvsTV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259310d7b18e95da814918c17b440a18_JaffaCakes118

Files

259310d7b18e95da814918c17b440a18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91774ac56f1658c042aef4f9639ea50c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtect
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

PeekMessageA
PostMessageA

Exports

Exports

GetAsmgqhmtpw
Usgtjyoaieu

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 684KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enill
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ