3a592bd26ce74d941aea0916d114ebd9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a592bd26ce74d941aea0916d114ebd9_JaffaCakes118
Size

6KB
MD5

3a592bd26ce74d941aea0916d114ebd9
SHA1

dcb198e1ecc50922f3dd1b8e37ab7c3de6658ee2
SHA256

80f0d3b276bc8225bdf70bb6491608b10b93ea138f369751e1ffd1d828d15633
SHA512

d859bf72fd11721f9a28b970fc3d65bdd4d16ff423197db437b7072b71f8394ffb0cce65fc8aa08604aa06d45e81ce13cfe0c998b8345748975734299aece763
SSDEEP

96:Owo3SrlRrGzFrnksBpCt8XOb/JHlDDxZab7kp6AU:rcBksB0JFpu7kp6AU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a592bd26ce74d941aea0916d114ebd9_JaffaCakes118

Files

3a592bd26ce74d941aea0916d114ebd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b83a72f7a02fb9a6d6ffc1b01d943c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
GetNumberFormatA
AddConsoleAliasW
CreateWaitableTimerA
FatalAppExitA
CreateDirectoryA
GetConsoleInputExeNameA
IsBadStringPtrA
EnumSystemCodePagesA
LCMapStringA
GetComputerNameA

user32

SetWindowsHookA
SendDlgItemMessageA
TranslateAcceleratorA
RegisterWindowMessageA
DrawTextA

gdi32

DeviceCapabilitiesExA
CreateMetaFileA
GetEnhMetaFileA
GetCharWidthFloatA
ExtTextOutW
CreateDCA

Sections

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ