Static task: static1
Behavioral task: behavioral1
Sample: 424f162faf8f3521867ca42b7927087b_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 424f162faf8f3521867ca42b7927087b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 424f162faf8f3521867ca42b7927087b_JaffaCakes118
Size: 41KB
MD5: 424f162faf8f3521867ca42b7927087b
SHA1: 15a1a74fc18e68b4c0bc17bb302adf4fc23b3ed0
SHA256: 9dd6817eee0bc1e1aa56150fedf08e464c41c6d373a1b2c24be993e526b0153b
SHA512: 37905ffd2c4250b2f8d90598713b1d587a1536d8942c773ab71c0235f99a9404d6f6c950d3eacff8c9ee4a278018fff64f4300956ed2ecc204fe4ecb12e03f26
SSDEEP: 768:GY/BHHXw1ufVeuUzdkqot/2+JHVd4+ajWJLlolFj29Vu+yPCP45rrBmW0KD78Qm:GYBnAeBUc2MeEJp4jrU4xrcgD783
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 424f162faf8f3521867ca42b7927087b_JaffaCakes118
Files
424f162faf8f3521867ca42b7927087b_JaffaCakes118.exe windows:4 windows x86 arch:x86
b13924551a6f29a126542a1c4555ee17
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
LoadLibraryA
GetCurrentProcess
RegisterWowBaseHandlers
VirtualProtectEx
DelayLoadFailureHook
ConsoleMenuControl
GetNamedPipeHandleStateW
CreateSemaphoreA
SetComputerNameExW
SetThreadExecutionState
SetConsoleCP
CreateHardLinkA
WriteConsoleInputA
Beep
lstrcmpiA
EnumResourceTypesW
GetOverlappedResult
WriteConsoleOutputW
GetLogicalDriveStringsA
Thread32Next
AddAtomW
GlobalFindAtomW
EnumSystemCodePagesA
GetNumberOfConsoleFonts
SetCalendarInfoW
SetConsoleCtrlHandler
GetProcAddress
CreateNamedPipeA
ReadConsoleOutputA
SearchPathA
CreateWaitableTimerA
user32
SetCapture
Sections
.text Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE