Static task: static1
Behavioral task: behavioral1
Sample: 2afe7ffe40d26b9b1ec2b5637f5041ba_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2afe7ffe40d26b9b1ec2b5637f5041ba_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2afe7ffe40d26b9b1ec2b5637f5041ba_JaffaCakes118
Size: 104KB
MD5: 2afe7ffe40d26b9b1ec2b5637f5041ba
SHA1: 36b1495259de1d4fc75fd7d2bc4156060c8afd7f
SHA256: 53e2fd72cefed73cfeaac3b358f3fecf411d482a14ae66e51b2cf6e24f4b0169
SHA512: fac9c55cbf3107b68573aad24327b75f3b6304491d8f670c0457762b7e7e5fbf1dcdf9f2cbacc62f474084dd0f145f6ff68820dc0d5230d86bd3ce5f219e9936
SSDEEP: 1536:o06i4ZXQ/tXeUGTG/WtZpeWorVTNP6IO9hOOUWmaoeIrKN/q8pLJb9zj9Usslwk:oO4RWtXFjImVNS99RpQrKFq8p9b9j
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2afe7ffe40d26b9b1ec2b5637f5041ba_JaffaCakes118
Files
2afe7ffe40d26b9b1ec2b5637f5041ba_JaffaCakes118.exe windows:4 windows x86 arch:x86
327c05a25245d630fb38cf4b7cef1484
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
SetThreadPriorityBoost
RtlMoveMemory
SetErrorMode
ReadConsoleOutputA
GetStringTypeA
ResumeThread
SetConsoleFont
GetConsoleCharType
GetFileSizeEx
GetProcessHeaps
ExitProcess
GetStartupInfoA
Sections
CODE Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.edata Size: - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DATA Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pack329 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE