305359d308ae854d2f464306b69b4e5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

305359d308ae854d2f464306b69b4e5b_JaffaCakes118
Size

132KB
MD5

305359d308ae854d2f464306b69b4e5b
SHA1

abae6eb21e1164b90e991b8de156ee57bd8bf0cd
SHA256

49c830d5456be6ba657b41f100906b3dab5766d4e4d1ea78a23c4645e0c916f7
SHA512

708fe1a78ff108b76335baccb7ccce610d1c0cb6c02fc76c5e5467c58ed0707e1f44f7e9ca2417e407121f3ece68de3203f3c4438d8575a0789fd98be268fdcc
SSDEEP

3072:w7WL7uUDEP5M4u4IF4hB+KVPqMSjGg+N:VfAM4ux4B+qbQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305359d308ae854d2f464306b69b4e5b_JaffaCakes118

Files

305359d308ae854d2f464306b69b4e5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba668bb2935ca62ff19c9f2a9bf5629d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
ReleaseSemaphore
RtlUnwind
GetHandleInformation
GetStringTypeExA
ReadFileEx
BuildCommDCBA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ