6071ca108e719feb2cd73a745fa34ce9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6071ca108e719feb2cd73a745fa34ce9_JaffaCakes118
Size

32KB
MD5

6071ca108e719feb2cd73a745fa34ce9
SHA1

da4b388ee864aa2171d92eb3b1557ce76ffe8589
SHA256

638e2a340007e7327d8da17079e5df519e2e37b5d4d30374fea7707ab81cdee2
SHA512

7797f3a138bb68d2e8ab2ecc90ddf41b247107219909d75ed5514f3c64297549855411f8110509aa72302192106584be3abcadd59ab707fd87a2f67f95b32a07
SSDEEP

384:QzxBt/fDTOxDSIH2io5S3jzKohJqTV376prjOpVB3qSy+VMeWliqGk5:QFXbqxF2TIKou32Qv6iVMeWk3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6071ca108e719feb2cd73a745fa34ce9_JaffaCakes118

Files

6071ca108e719feb2cd73a745fa34ce9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e57cd5eb24ef212df00ec08bdde17d3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GetEnvironmentStrings
GetLocaleInfoA
GetConsoleWindow
GetDateFormatA
GetCurrentThreadId
CompareFileTime
FillConsoleOutputAttribute
GetSystemDirectoryW
InitializeCriticalSection
TerminateThread
GetEnvironmentStringsA
ReadProcessMemory
GetNumberOfConsoleFonts
Thread32First
GetEnvironmentStringsW
FoldStringA
FindFirstVolumeA
GlobalFindAtomW
DuplicateHandle
GetPrivateProfileStructA
WriteConsoleOutputA
QueryDosDeviceW
WaitNamedPipeW
GetCurrentDirectoryW
GetConsoleDisplayMode
SetConsoleHardwareState
lstrcmpi
DnsHostnameToComputerNameW
VerSetConditionMask
CreateFileW
EnumLanguageGroupLocalesW
PeekConsoleInputW

Sections

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ