42d13e0f470214a76fdddd60414d41f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42d13e0f470214a76fdddd60414d41f7_JaffaCakes118
Size

156KB
MD5

42d13e0f470214a76fdddd60414d41f7
SHA1

15a0d79491ccd6c86609c9b33929a6f829a9ad3a
SHA256

1276fd17cf2c278ba003160aeba7ca037e5ec098d65b03798682b43720ff1f8b
SHA512

6ff18247b4ef9d834db13568aff6424cfa7e5a4fb3a8ca60aaaa26e29cec35a068a9820514115ac53cbd5c083235eda0267cb3f0b37585f7bafbbcc4e0748cd7
SSDEEP

3072:jDYx49u+l6f6AGTGwfSIC3yBIIGDw3y9KrKGW8gtnFDThg9V9TYl8Fn+OL59r6:jb9t6yARwfBdB1Cw3w8gpFXhKV9iOd9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d13e0f470214a76fdddd60414d41f7_JaffaCakes118

Files

42d13e0f470214a76fdddd60414d41f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41fba3fc7e8af7726880d62286ff2e6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
OpenSemaphoreA
LoadLibraryExA
EscapeCommFunction
FillConsoleOutputAttribute
DuplicateHandle
GetSystemTime
GetProcAddress
ReadConsoleInputW

Sections

.text
Size: 153KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_MEM_READ