47a846c76f070a961fd22e5b63f1bd07_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47a846c76f070a961fd22e5b63f1bd07_JaffaCakes118
Size

80KB
MD5

47a846c76f070a961fd22e5b63f1bd07
SHA1

2a7324056a74f89191986c1c20e788b407a5f55f
SHA256

56eaec572c5d1febf327de100abe926d8c9739970ea942227e606c0dc944b534
SHA512

3472895e6951d73cffbad1f53213d28a8b665dc8ef48838ce04add03ca67f23094c8683b319529cc9660b059f696d08fd394541213c49710b8bc97c22a6d6db4
SSDEEP

1536:DQtR3TXmxE+/Z85PQYdnIy9982hW8fPL:0jj8MPQMnIC98vYL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47a846c76f070a961fd22e5b63f1bd07_JaffaCakes118

Files

47a846c76f070a961fd22e5b63f1bd07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac50cafbf4ca60da2e7897543013e944

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FoldStringW
CopyFileExA
GetCPInfo
IsDBCSLeadByteEx
QueryActCtxW
WriteConsoleInputVDMW
OpenSemaphoreA
GetStdHandle
Module32FirstW
GetDateFormatW
PeekConsoleInputW
GetConsoleKeyboardLayoutNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE