2883c0cfa3e8b3cd3ed24f9fb244a2b6_JaffaCakes118 | Triage

Sharing

General

Target

2883c0cfa3e8b3cd3ed24f9fb244a2b6_JaffaCakes118
Size

244KB
MD5

2883c0cfa3e8b3cd3ed24f9fb244a2b6
SHA1

18866fcc2d501fd7a3a11b993b335e58f8127c7d
SHA256

6ae7ffa73c66212fbb0639a5f91d4fb5f453dfea7d4554c89370c519bc2ea7a1
SHA512

8736af411e8f5e941eec8f5c4bd92615ba7128a4094a8d2176639310d5a628cec9cc6930bc0460942c7d7512a33206ae167a4d00f6869110191b14e4fd69b5ff
SSDEEP

6144:M9dwc01sicvZ6bTU6zmyML4tVUgvouoe5dT:M9dieicvAXbmtL4tVke5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2883c0cfa3e8b3cd3ed24f9fb244a2b6_JaffaCakes118

Files

2883c0cfa3e8b3cd3ed24f9fb244a2b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21ad0e47ba32daaa1ba3cc612f102b15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
WriteConsoleOutputW
EscapeCommFunction
GlobalSize
LoadLibraryW
GlobalFlags
BuildCommDCBA
CreateDirectoryExA
MapViewOfFile

user32

LoadMenuIndirectA
CheckDlgButton
GetMenuItemInfoW
GetProcessWindowStation
CreateAcceleratorTableA
CharNextW
GetSystemMetrics
GetKeyboardState
CreateWindowExA
IsWindow
ExcludeUpdateRgn
SetProcessWindowStation
GetKeyState
SetRect

gdi32

CreatePatternBrush
SetICMProfileA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE