473110757cfa12f431f5bad6925ed9d9_JaffaCakes118 | Triage

Sharing

General

Target

473110757cfa12f431f5bad6925ed9d9_JaffaCakes118
Size

19KB
MD5

473110757cfa12f431f5bad6925ed9d9
SHA1

9436552e8342914670bbc17f583559b8ae9260af
SHA256

8974b808231e88c43f78fd8d69c7d4ff2327a493a4fcce022cd973618f8c529a
SHA512

d7c7941fc6a1cc18e907cf720c94d87706f917809c563535b8741fe2ad19565ae72376ebd01621e7f82cd0eeaf2230e9821448610ff71b0c4848d08f671ef8a9
SSDEEP

192:uX2IOb2BLAj0XvroPgsOa3/oICBHWHiFmyAXxqAgCdJ/BSLVcc83pG/DZ:umI0hQXvJa3/oICYHwmH5/B8ycMpG/1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
473110757cfa12f431f5bad6925ed9d9_JaffaCakes118

Files

473110757cfa12f431f5bad6925ed9d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

711bb33352d16b0e5cfe597754b7f852

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreateRemoteThread
CreateToolhelp32Snapshot
ExitProcess
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindAtomA
GetAtomNameA
GetConsoleScreenBufferInfo
GetStdHandle
OpenProcess
Process32Next
SetConsoleCursorPosition
SetConsoleTextAttribute
SetUnhandledExceptionFilter
lstrcmpiA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
printf
signal

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 112B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE