4a73a1bfbc284b0856e8cb884ad1cfe2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a73a1bfbc284b0856e8cb884ad1cfe2_JaffaCakes118
Size

69KB
MD5

4a73a1bfbc284b0856e8cb884ad1cfe2
SHA1

5aaeb943b1448b1c16b3a4884597b3ee514d544d
SHA256

6080a2c69da0e76f3ae620d3a044d0766fe9ec0ed063bf3d3c5e64dd3791d895
SHA512

073f38c2c5b61d2340938629ee77789c5f835ef7e3370090fc10e55d38fec1e817bfe82d44e54f22fa5213d5d2dab4649c3ac01bc3fbe5f654d997236116f344
SSDEEP

1536:4WHRCxS3IqejAo++0eU8+d0RgJ85PeSxKtAJ7vLpBfQYvXj5VIslqDh0G:fx4B1l+d0RgJ8ZeCK+6Y7Isgh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a73a1bfbc284b0856e8cb884ad1cfe2_JaffaCakes118

Files

4a73a1bfbc284b0856e8cb884ad1cfe2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0acaa8fe9242b5e1f33d5f4cf1301700

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
LocalShrink
GetEnvironmentStringsW
UnmapViewOfFile
UnhandledExceptionFilter
RtlFillMemory
SetConsoleCtrlHandler
GetLargestConsoleWindowSize
MapUserPhysicalPages
FindFirstFileA
GetThreadLocale
GetLogicalDriveStringsW
GetCurrentDirectoryA
GetSystemDefaultLangID
WaitForMultipleObjectsEx
FindVolumeClose
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

Wfetnnn

Sections

.text
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE