42e3323c73120fdaae2bf00956dbb0d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42e3323c73120fdaae2bf00956dbb0d8_JaffaCakes118
Size

83KB
MD5

42e3323c73120fdaae2bf00956dbb0d8
SHA1

6b8a1da3b0b4f351fea9f79b6af7dd2eaa446233
SHA256

a823014075ff2b14976035376d413dcfb013d00b51be903c20e5c3e671481bc1
SHA512

b9ea0ba9414ef14440521fbebc40156d067577a45ad0d24fb94e021e21d71801fa20b98a59ba9f86efa8c90e31cdea4d1c095316b5773702f5a3c4dd542e1b4d
SSDEEP

1536:bW8OqA0hJi2BflYRQPDbVJb9JW4bMqNbvjEErxTWDTMqhGKYIZTET8s0C98:bW837iiuRoDbXWebvjBkMqhGKZTbsX8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42e3323c73120fdaae2bf00956dbb0d8_JaffaCakes118

Files

42e3323c73120fdaae2bf00956dbb0d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d382c05b8281ee1d903f9ce4d0c8941b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ValidateLCType
GetConsoleCP
WideCharToMultiByte
HeapWalk
GetConsoleFontInfo
GetSystemDefaultUILanguage
PeekConsoleInputA
OpenFileMappingA
ChangeTimerQueueTimer
CreateFileA
GetSystemRegistryQuota

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE