273e3a0599496dc51f5fa01613dd008e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

273e3a0599496dc51f5fa01613dd008e_JaffaCakes118
Size

104KB
MD5

273e3a0599496dc51f5fa01613dd008e
SHA1

68126e939bb5bf34846647e4b4805f674c80fddd
SHA256

80dc5e4f6359e5b5c0da9c1d944144efa4c7efe990681c6c9d7e7f8fadb99357
SHA512

200572cf077c9602308f8c5b24a36b17943b19dfd96aea0757f9420aa3500c34f540b0da4a5616d92049596c58b97692e534ac157057f070b517eab5a52fa929
SSDEEP

1536:kxZZxvHXWwj1kdW1yyKvyEDFd0rbx/0UOSQlH4m0V2xSek2zUBRI9hv:kxZ7XpqWczyEDb0rdhOzH4m0V2xpz7f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
273e3a0599496dc51f5fa01613dd008e_JaffaCakes118

Files

273e3a0599496dc51f5fa01613dd008e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7231a39d316a000bb91b62882867163f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetConsoleFontSize
LocalSize
ReleaseSemaphore
WriteProfileSectionA
FindCloseChangeNotification
CmdBatNotification
UnlockFile
GlobalSize
_lclose
CreateTimerQueueTimer
SetThreadAffinityMask
GetSystemDirectoryA
ExitProcess
GetStartupInfoA

Sections

CODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack329
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE