317211e3ba29d3c214efab244a63d096_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

317211e3ba29d3c214efab244a63d096_JaffaCakes118
Size

212KB
MD5

317211e3ba29d3c214efab244a63d096
SHA1

bae44b86bdcea627358fb94b37393c4d1d6e2fc2
SHA256

1a2d4482443c9c2dec8fbfe8d38a128b16170c3e8313cc818c1d88e6028eb383
SHA512

650653612a619832a393a0d9fe0af6e01ed14198d390c9a27d4d93dbb6ed74114b6a80c9b860924901c77046d04c8b58f726dbf1d65b78616b0f6ff937850ab4
SSDEEP

1536:8DLoQJHqRZZS44X3Aq+S7MJRgjVujtfhI83AHwwebZfJ3BttVs9+kxhXAAFyQQ0l:wLrJKRZZ9wM/MoRfhZj33BKVrrQ0k6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
317211e3ba29d3c214efab244a63d096_JaffaCakes118

Files

317211e3ba29d3c214efab244a63d096_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0d3f4dc64e966e31cc8d97356372db1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetTempPathA
GetLocaleInfoW
GetThreadContext
GetLocaleInfoA
GlobalAlloc
GetEnvironmentStringsA
SetCommState
CloseConsoleHandle
LZStart
PulseEvent
HeapSize
FormatMessageA
GetComputerNameA
GetCommandLineA
GetExpandedNameA
WriteConsoleInputA
GetModuleFileNameA
GetConsoleTitleA
EnumResourceNamesA
ReadConsoleOutputCharacterA
GetDefaultCommConfigA
VirtualAlloc
FreeEnvironmentStringsA
Heap32First
RegisterWaitForSingleObjectEx
OpenMutexA
GetDiskFreeSpaceExA
ReadConsoleA
CopyFileExA
GetLocalTime
LoadLibraryExW

shell32

SHGetSpecialFolderPathA

mpr

WNetGetConnectionA

winmm

timeGetTime
timeBeginPeriod

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ