277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118
Size

115KB
MD5

277d2be6c105b5bbcf6e80343b687f21
SHA1

194f27f278288e8f7fa43ae873a816009f79cdf2
SHA256

4d6dc62ecca320c690039914d27b487222cb0cdc9f859d1a4a1b5a234cd35943
SHA512

8aa29d9d0622456eb637bf11afa44180dfbdcd4394bd42e00bb640e0e5f7ac0ba29df2a61a8061169375bdec3ad1c9a7be3d4bc21f9160de5177a423e8f7dde6
SSDEEP

3072:tDPBwaL2AiA5EBPnBpHYftFxjfuR9ZB5i6gB0OK6MPZn:tWailA5EBPMxjqZfi6gB9K6MPV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118

Files

277d2be6c105b5bbcf6e80343b687f21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5201d8ef5f971c3012b111a5d3720f1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
EnumSystemLanguageGroupsA
GetOEMCP
GetProcessShutdownParameters
HeapFree
lstrcpynA
Module32NextW
FreeConsole
FindVolumeMountPointClose
GetHandleInformation
FillConsoleOutputCharacterA
FindNextVolumeMountPointA
GlobalGetAtomNameW
GetConsoleScreenBufferInfo
GetFileSize
LoadResource
CreateTimerQueueTimer
GetConsoleAliasW
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE