665bb7c153405c453e7511b1c1ec64a7_JaffaCakes118 | Triage

Sharing

General

Target

665bb7c153405c453e7511b1c1ec64a7_JaffaCakes118
Size

192KB
MD5

665bb7c153405c453e7511b1c1ec64a7
SHA1

225e83a71fd87bcaf5020d4d584abb81c2c8c7e5
SHA256

d88409561da0a20514d028b025bc6b38f5489bda02da0d29b2005bce16a2af2d
SHA512

7fa9b71f708bcd1cc86f16ec5567eb8add95d0b24b94d728e02e296634c99e4a59e25e999e36c0cf371fbc988f3c1bdb895db88be091041a8b45ed3d326590c4
SSDEEP

3072:0B+sOv/bGyhnnELX/aXcTOrkOKAUiYHPs1h2hDuoVkbbvchmF8bykKIZV:0ETnbGyxEbhTJOKAQkUI7ubmwZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
665bb7c153405c453e7511b1c1ec64a7_JaffaCakes118

Files

665bb7c153405c453e7511b1c1ec64a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41909f5986c3e2ccfd8f5b52bfe87640

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeviceIoControl
GetCommandLineA
GetCurrentDirectoryA
GetConsoleAliasA
VirtualAlloc
GetSystemDirectoryA
GlobalHandle
GetNumberOfConsoleFonts
GetCommMask
SetConsoleInputExeNameA
GetTimeFormatA
GlobalAddAtomA
GetThreadTimes
CopyFileA
SetFilePointerEx
QueryPerformanceCounter
GetCurrencyFormatA
DeleteTimerQueueTimer
WriteConsoleOutputA
GetCommandLineA
InterlockedExchange
DeviceIoControl
WriteProfileStringA
DeleteTimerQueue
ExitProcess
GetVolumePathNameA
CreateFileA
AddConsoleAliasA
QueueUserWorkItem
LZCloseFile

ws2_32

send

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ