60088238618a90c18353d6aa19019a48_JaffaCakes118 | Triage

Sharing

General

Target

60088238618a90c18353d6aa19019a48_JaffaCakes118
Size

812KB
MD5

60088238618a90c18353d6aa19019a48
SHA1

37f2b003d8de17db526c29dfd4226ea81471ddb9
SHA256

f515573d0ca2cbe253419dbeedb5406843e4265935ad01fb429dfd444af5a429
SHA512

c88fb43f36198c29743daa5da5f90f26893341fab6e9bc0d27c74b4e3b56e8cd314aee0a38f3c40a09fdff8030d7d7375990f8173b1d8fe2fe57db43fbd14f2b
SSDEEP

12288:Mo3lobkqwFm7wO4e8vrDfndk8g3LLypA2dgAgSoXNV1wbeEaiR:Mo3GlZ4FPdk1b2XgVNV1w42

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60088238618a90c18353d6aa19019a48_JaffaCakes118

Files

60088238618a90c18353d6aa19019a48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5501acf08d1f598e145a9bfb38050f5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BackupWrite
GetNamedPipeHandleStateA
GetCurrentDirectoryA
GetConsoleAliasesLengthA
GetMailslotInfo
FreeConsole
GlobalMemoryStatusEx
Sleep
SetVolumeMountPointA
PeekConsoleInputW
VirtualAlloc
GetConsoleAliasExesLengthA
RegisterWowExec
SizeofResource
FatalAppExitW
WaitForSingleObject
SetLocaleInfoW

user32

IsCharUpperW
RealChildWindowFromPoint
ExcludeUpdateRgn
CallMsgFilter
UserRegisterWowHandlers

Sections

.code
Size: 12KB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 716KB - Virtual size: 714KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE