4ac1c3f02ab0ae6a9ef3ecea42fe7d12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ac1c3f02ab0ae6a9ef3ecea42fe7d12_JaffaCakes118
Size

4.2MB
MD5

4ac1c3f02ab0ae6a9ef3ecea42fe7d12
SHA1

1dc20e8353bef6b7a95bcad8836758f73445b57c
SHA256

48e86b59fdc5ab20f165a949fb7beb72da1e4de6977d56dc1f40f702458c12a5
SHA512

247cb38f2a286984f935534947d77b57d5e61ca94814a13906f628e6f2df3e95ebf7141055fae1d0650e305aa9ba6e2f938173e34f5febb696692166f3673566
SSDEEP

98304:HkG0am3GuCMGNlRdvc3pFvt4mlGQkmlooW1hfRDatR8p:Hkxa8CMG1dvc3pFvXl1khf7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ac1c3f02ab0ae6a9ef3ecea42fe7d12_JaffaCakes118

Files

4ac1c3f02ab0ae6a9ef3ecea42fe7d12_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ea2e56c8813e328d126ed6cb25d933fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputAttribute
GetProcessId
WaitForMultipleObjectsEx
IsSystemResumeAutomatic
OpenFileMappingA
FindVolumeClose
CreateSemaphoreA
GetPrivateProfileStructA
FreeResource
CompareStringA
GetThreadPriority
ReadConsoleInputA
HeapSize
FindCloseChangeNotification
GetFileSize
GetModuleHandleA
VirtualAllocEx
GetConsoleWindow
SetConsoleInputExeNameA
VerifyVersionInfoA
GlobalDeleteAtom
GetFileAttributesExA
RemoveDirectoryA
GetProcessVersion
GetThreadLocale
GlobalDeleteAtom
GetProcessHeap
SetTimeZoneInformation
SetLocaleInfoA
DuplicateHandle
GlobalAddAtomA
GetQueuedCompletionStatus
PeekConsoleInputA
ReplaceFileA
Module32Next
ReadConsoleA
PulseEvent
FlushFileBuffers
UnlockFileEx
SetFileAttributesA

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ