4bee1b0e12d0196b41dd388886ae1eaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bee1b0e12d0196b41dd388886ae1eaa_JaffaCakes118
Size

108KB
MD5

4bee1b0e12d0196b41dd388886ae1eaa
SHA1

6ef2e93679bb743c8b06a106d993427d26ad65c5
SHA256

06b45b95a7b5e53c6fcdba7a20e3ebc4e68d224722a53ae646f4b330b27634ed
SHA512

e1e84ff294374e15a59e9cda588b549d4a56c64440077c3b0a8231c27361d51f9d7da8f8abc24fe6fa77ffce3d71325e36404cd109bbb32a7eeb1ed6c3887aa0
SSDEEP

1536:zV2lCP5Kai6y7Xu3e0XFjfG1HjC/cKX4SkRiDJZ2H0TyNjbetTCtDxk:zPxKgXFjgl04SRJZQjbETCtO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bee1b0e12d0196b41dd388886ae1eaa_JaffaCakes118

Files

4bee1b0e12d0196b41dd388886ae1eaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8409687357c8fb9ac1236279efaa8607

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterWaitForSingleObject
FatalAppExitA
QueryInformationJobObject
WaitForSingleObjectEx
InterlockedDecrement
OpenThread
lstrcpyn
CreateMutexA
GetProcAddress
DeleteTimerQueueEx
ScrollConsoleScreenBufferA
RtlZeroMemory
CreateHardLinkA
GetNumberOfConsoleFonts
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

text
Size: 8KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ