3a4cdae88d7232def33b2addc24ef03f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a4cdae88d7232def33b2addc24ef03f_JaffaCakes118
Size

132KB
MD5

3a4cdae88d7232def33b2addc24ef03f
SHA1

b403abfe0ca0d1654d536691eb30b53b817dd1a3
SHA256

989b3ca5f09877ab1dbba985a68b462fffa0480e85ef6e38a891d66b511bf36a
SHA512

71ab4fba54384cd83edf52d9447fb36d40af42f307a9c3394814c7c7937153a2af865d6884328cd97120ee3d2fb4a6c8bfab88f68594b45b308cf97b6e877894
SSDEEP

3072:A801SYrUqFlNXZrIEi6Y2h/oLVe/d7fS:A8szrNdIh6blmk/dfS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a4cdae88d7232def33b2addc24ef03f_JaffaCakes118

Files

3a4cdae88d7232def33b2addc24ef03f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d8f025561074ca344cae1e76ebc57fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommMask
SetConsoleActiveScreenBuffer
EnumSystemLocalesA
SetPriorityClass
ReadFileEx
UTRegister
EnumCalendarInfoA
DefineDosDeviceA
TryEnterCriticalSection
GetNextVDMCommand
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ