41b20eb7163a100944a634500f3d8946_JaffaCakes118 | Triage

Sharing

General

Target

41b20eb7163a100944a634500f3d8946_JaffaCakes118
Size

53KB
MD5

41b20eb7163a100944a634500f3d8946
SHA1

f35513bc1ffad20cf7729cacb9e6462d8347f732
SHA256

d388c472a2556958128b1c3e06d20daafdabc3532da429791526c6c489b8d420
SHA512

5afbf242b9008eea20f9e4ff32d42e1d783cf2610fe2601676adab1554c78807ad51700fb1a2d45ffa5377708db702b8a7cba5d93fe62496d30af65453735f01
SSDEEP

1536:KCuXtjta47uHu0tfYxvnq6aV9oTQMsVcXGH2ICzKFHJT:Odjta4uHPyi6aPoT1NzKf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b20eb7163a100944a634500f3d8946_JaffaCakes118

Files

41b20eb7163a100944a634500f3d8946_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f42ae908e2cd7a1d053ec2480f20bf6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
LoadLibraryA
SetProcessWorkingSetSize
GetSystemWindowsDirectoryA
FreeLibraryAndExitThread
WriteConsoleOutputA
FindFirstChangeNotificationW
DeviceIoControl
GetPrivateProfileSectionNamesW
GetProcAddress
SetNamedPipeHandleState
VerifyConsoleIoHandle
GetLastError
VerifyVersionInfoA
DeleteTimerQueueTimer
GetModuleHandleA
VirtualProtect
BuildCommDCBAndTimeoutsW
UTRegister
CloseConsoleHandle
DeleteCriticalSection
GetTempPathA
CreateWaitableTimerW
ReadDirectoryChangesW
EnumResourceLanguagesW

user32

SetCapture

Sections

.text
Size: 5KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE