4cecd2466c414ec8011847c05409c9ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cecd2466c414ec8011847c05409c9ef_JaffaCakes118
Size

24KB
MD5

4cecd2466c414ec8011847c05409c9ef
SHA1

fd7a3b9a8836a66976d99e2feb5039327a4d6eee
SHA256

9d41a518f0f498393b1a4da11672af39ed6f9cc9e2a7f37e51041c96ce805d92
SHA512

8a8603254ce08027247e06b5f7fa6c0c653e30b905c21c8726be57dd2d7cdfc98343011bbe6ecf1e7e3b03a88441a8fe19470af1402f5b56bd7563ce110b6f8f
SSDEEP

384:UGlKr357O72Ujk0F7YP6GBHIZqYajo1PlTSQh48G9ooUa6QMU:FluJ7O72HO71GBHp7utTfh48PoUa6HU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cecd2466c414ec8011847c05409c9ef_JaffaCakes118

Files

4cecd2466c414ec8011847c05409c9ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19784eaacbe0d8b9b84ab196eb8c4681

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetStartupInfoA
WriteConsoleA
IsBadCodePtr
InitializeCriticalSection
ExitProcess
FreeLibrary
lstrcatA
SetCurrentDirectoryA
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
VirtualProtect
GlobalAlloc
FindResourceW
SetStdHandle
HeapAlloc
GetTickCount
WriteFile
SetConsoleCP
GetACP
InterlockedCompareExchange
ReadFile
SystemTimeToFileTime
LCMapStringW
InterlockedExchange
GetOEMCP
SetFileAttributesW
GetModuleHandleA

user32

RegisterWindowMessageW
DrawIcon
GetWindowTextLengthW

msvcrt

_exit
wcsncmp
_amsg_exit
_fileno
malloc

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE