291b38de292646c57463a49c0dee3142_JaffaCakes118 | Triage

Sharing

General

Target

291b38de292646c57463a49c0dee3142_JaffaCakes118
Size

116KB
MD5

291b38de292646c57463a49c0dee3142
SHA1

1fac99eb553a4bb383c73603fadfe9bf3e8e81a8
SHA256

465d8673255be35a552c7bd7b16919b792ced43b886f9e223e7324d55c206a81
SHA512

b381e9722d4b77a7c2bfddbf7f3fe7f4bc665be5911bb0a43d3d38492c5ab53b395f5f7c1cd33d3018ca1ab667ce0f5ce51a93ea184f345b0389313c0c6442fa
SSDEEP

1536:wkk1AiugvILLuofxO17XWsJ6IA0utXlbOuOZzKOh+ZpkSXmryIQ0Io50WMDI/5A5:wkRuWuofxs7HJw0uXYso8RIOo8DIxw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
291b38de292646c57463a49c0dee3142_JaffaCakes118

Files

291b38de292646c57463a49c0dee3142_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3503066ff64ff21842f279bbd1c10e3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenJobObjectA
WriteConsoleOutputAttribute
WriteConsoleOutputA
GetConsoleKeyboardLayoutNameA
GetVersionExA
GetCommConfig
ReadConsoleOutputAttribute
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.at2sec0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.at2sec1
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.at2sec2
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.at2sec3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ