2919bd5fa8db6f5524f4fdd8006b46e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2919bd5fa8db6f5524f4fdd8006b46e0_JaffaCakes118
Size

124KB
MD5

2919bd5fa8db6f5524f4fdd8006b46e0
SHA1

a1615672ad227eaa7857d1131f97369bc641ed65
SHA256

c4d351f9b280a404615b1a0f607bd8de065443047fdc49c2008be7db6d69e30d
SHA512

cdb3be999fb24526b9bccb5c0de2840cf1c6839132050e4cb09a62cbe403f608ac39f3a21e15229847a5b54e292299f2c26cbe843ab7528b74fccc87d7f5f0fc
SSDEEP

3072:KEXQiZYhitkmEhIXIr+c18LI7URhLMj4wK8hNProZX:tZE4kIXIr/1NIRhLMj4wro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2919bd5fa8db6f5524f4fdd8006b46e0_JaffaCakes118

Files

2919bd5fa8db6f5524f4fdd8006b46e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c97dd8352d099510c1ce382a474b00b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExA
ExitProcess
GetCommandLineA
OpenProfileUserMapping
UpdateResourceA
SetMailslotInfo
ChangeTimerQueueTimer
GetConsoleTitleA
VirtualAlloc
TerminateJobObject
GetCurrentProcess
CreateNamedPipeA
GetStdHandle
GetModuleFileNameA
GetCommandLineW
GetConsoleTitleA
GetCommState

user32

ChangeDisplaySettingsExW
GetKeyboardLayoutNameA
MonitorFromRect
RegisterSystemThread
SetDlgItemTextA
ReleaseDC
EnumWindowStationsA
ReleaseCapture
GetWindowThreadProcessId
GetKeyboardLayoutList
DrawFrame

ntdll

RtlGetLastWin32Error

tapi32

lineCreateAgentSessionW
lineConfigDialogEdit
lineDrop

Sections

.textbbs
Size: - Virtual size: 704B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 112KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ