2af11bca48a28681e33fea200806d85d_JaffaCakes118 | Triage

Sharing

General

Target

2af11bca48a28681e33fea200806d85d_JaffaCakes118
Size

132KB
MD5

2af11bca48a28681e33fea200806d85d
SHA1

14d64e79c404d2ea039e28ac0650b7a20cf52d53
SHA256

fb5ec5004d80ab23794907f2b7669d9b545ec439117dcdf05c1d4e98cd7ab511
SHA512

49303c7f4ed5cbade53ce2c93aec7acdd92f07841bcd97fd19141c3a7cea28d1a506e4153af5836a09071e6d1f2843a3b9139d9b89060d1df79bb2b8862cb234
SSDEEP

3072:xfIG1TwCQHFn+HPEjocC+Rw/DrStNswJgBGD34geRf:xftRfsja+ROrStNnhD3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af11bca48a28681e33fea200806d85d_JaffaCakes118

Files

2af11bca48a28681e33fea200806d85d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60ba422ac1dbc452f9e5f1a23a94a4c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeWritePtr
WaitForSingleObjectEx
RtlUnwind
ReadConsoleInputExA
CreateJobObjectA
lstrcmp
EnterCriticalSection
WriteConsoleOutputA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

itext
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ