355ba324850068263eac9007abbd7cab_JaffaCakes118 | Triage

Sharing

General

Target

355ba324850068263eac9007abbd7cab_JaffaCakes118
Size

45KB
MD5

355ba324850068263eac9007abbd7cab
SHA1

46492671ff9695698d7753708f17a76743a0f696
SHA256

6bb6fb11633abc3efe62a01dc068630cd34a756a8b017b528d2a09e8fc1a290f
SHA512

2eda7ac2ca5285ebd1bacfd49b4dff6ac5f7350d0542e6a195db422c18352c3a8ecf4032fb6b7809d3a02b98bcc453e479b6041587ff5bbd57b2c3d77a00c133
SSDEEP

768:qb1rVRbu5WjL/RXCHfHbRk/vx/JXhUA4lFxGd/8SctLKB4ESY:qfI5AXybWrXKA4TxGdEScMtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
355ba324850068263eac9007abbd7cab_JaffaCakes118

Files

355ba324850068263eac9007abbd7cab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e9904fc301f90477cd737880d7e3b5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterWaitForSingleObjectEx
lstrcat
DosPathToSessionPathA
CopyFileA
GetSystemPowerStatus
EnumSystemCodePagesW
LocalAlloc
GetLastError
TryEnterCriticalSection
GetComputerNameExA
FormatMessageA
WriteTapemark
ReadConsoleOutputW
SetVolumeMountPointW
CreateTimerQueueTimer
GetUserDefaultLangID
ReadConsoleInputExW
LoadLibraryA
SetConsoleNumberOfCommandsW
GetWriteWatch
GetDiskFreeSpaceA
SetComputerNameW
VirtualProtectEx
GetNumberOfConsoleFonts
CreateMailslotA
GetCurrentProcess
SetConsoleCtrlHandler
IsDBCSLeadByteEx
GlobalUnfix
InterlockedDecrement
FindFirstFileExA
IsValidLanguageGroup
GetProcAddress
ConnectNamedPipe
VerifyVersionInfoA
SetConsoleFont
GetModuleHandleA

user32

SetCapture

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE