4222d16017d8df77da11d20e35cd9918_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4222d16017d8df77da11d20e35cd9918_JaffaCakes118
Size

83KB
MD5

4222d16017d8df77da11d20e35cd9918
SHA1

d05c44fc5b4bd3a88fb9ad4b7d55627e26fd73e5
SHA256

b8cd457636c609c794345be73a1ad657b80833beec6fed6b9d9ce27bf257a315
SHA512

78d9a9db90e0f8c7379cea40cc0e3d33e591fc147250756dbbaedd82a71ed3e2d460f87d4d4ee7efc7f5cc7a8ab8e53863e100b5bac69e4f8e33cdf6e16e85f8
SSDEEP

1536:Hw9mBvAwcr37X2ZstnLj2/xLOTkvQsrrGj8OiwpCsU/edhZKz/U85u:HVI3jSstnLjsKTK07iD5ekTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4222d16017d8df77da11d20e35cd9918_JaffaCakes118

Files

4222d16017d8df77da11d20e35cd9918_JaffaCakes118
.exe windows:4 windows x86 arch:x86

399891c5cf73711b1451663525902237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFileA
GetNumberOfConsoleFonts
QueryPerformanceCounter
LZClose
GetNamedPipeHandleStateA
VirtualAlloc
GetLongPathNameA
SetConsoleIcon
Module32FirstW
WritePrivateProfileStringA
HeapValidate

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE