4495e88e30d4021ce27acd5704b0d4f8_JaffaCakes118 | Triage

Sharing

General

Target

4495e88e30d4021ce27acd5704b0d4f8_JaffaCakes118
Size

308KB
MD5

4495e88e30d4021ce27acd5704b0d4f8
SHA1

125d8467ec52811a8b6241ea6c77dfdce673995e
SHA256

0190ef7c700bc055fd395cfd1db4a381ad406e9aebbea19dce3afec4aef14e2b
SHA512

9d1bd7faca7a30463574f781f9fe030af223f8626556c40bcecc11f4f2caf501c6ac69018968bd73f2447486e61e2ae97d92439e8b4ea4007c1dafdf5dad2f24
SSDEEP

6144:btCyJN7Ac42MKAaNVtIlSsu4QluJIQBBHuch65oIa1OI:bt/42M0PIlbFQlc3BBOc2zgOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4495e88e30d4021ce27acd5704b0d4f8_JaffaCakes118

Files

4495e88e30d4021ce27acd5704b0d4f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

836ab0c5f1c552570cbd74f80587327d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
EnumSystemLocalesA
GetExitCodeThread
GetSystemDirectoryA
GetWriteWatch
VirtualAllocEx
IsSystemResumeAutomatic
LCMapStringA
TermsrvAppInstallMode
GetDefaultCommConfigA
LoadResource
PeekConsoleInputA
OpenEventA
GetVersionExA
RaiseException
FatalExit
ResetEvent
SetConsoleIcon
GetDriveTypeA
EnumResourceNamesA
FindNextVolumeMountPointA
SetEvent
GetEnvironmentStringsA
ClearCommError
SetHandleInformation
GetConsoleTitleA
SizeofResource
DeleteTimerQueue
GetFileSizeEx

wininet

InternetGetConnectedStateExA
InternetUnlockRequestFile
InternetQueryDataAvailable
FtpSetCurrentDirectoryW
ResumeSuspendedDownload
FtpSetCurrentDirectoryW
InternetCrackUrlA
FtpRemoveDirectoryW

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 296KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ