644311f67cee596274413b0314f4634d_JaffaCakes118 | Triage

Sharing

General

Target

644311f67cee596274413b0314f4634d_JaffaCakes118
Size

132KB
MD5

644311f67cee596274413b0314f4634d
SHA1

aa7200c59f2b03bdf560a79f5ea77a603da944fa
SHA256

085277c9586a08c105e303ad8824401acc4000ec9d3e8ac053e5ca3813436ecf
SHA512

f7cc07aa16f7faf07806ea05824d1d331549720d4978e1d7e5004c8425e374867a5e96c05cd3184d1ef6f202f68c105ccf0d1f41adcedc2f9824cfbc4ed12ae7
SSDEEP

1536:Ks4FwVDSOLcAf5Q0gYemPHrxZ0tInrV8a4xxpnljhz+BywXdnQWKuPfJO6TSS:BDRQAXV9rV8BljhLynQ81m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
644311f67cee596274413b0314f4634d_JaffaCakes118

Files

644311f67cee596274413b0314f4634d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56f01f69bdd6294932697f1c07b68991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
EnumSystemCodePagesA
TlsAlloc
SetCommBreak
FindClose
BindIoCompletionCallback
GetExitCodeProcess
lstrcpynA
WriteConsoleOutputAttribute
GetSystemTimeAsFileTime
CreateProcessInternalA
ReadFile
MulDiv
GetCalendarInfoA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ