66b72aa6bb38464107bf27f3e4717e31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66b72aa6bb38464107bf27f3e4717e31_JaffaCakes118
Size

64KB
MD5

66b72aa6bb38464107bf27f3e4717e31
SHA1

ffac25875ce713f5daa98eb82a874b060f4f95cf
SHA256

0f9d06c4d7d33f6a12cba24c991930cdcc20bb910c99fa404801805c06edda97
SHA512

4cdcd1dc7d84f51903af1d7969083cbfc0ee224b24af3b0dd55f4038546cf4c6451bb06e5dfbdda16fb5f01b01f6294b9f138119e415c4ab52dcb9db4ef48f4f
SSDEEP

1536:xkg1BL/zF2uO84dU18WKdCO9KnSmwJm/:y0L9OXa19Ajm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66b72aa6bb38464107bf27f3e4717e31_JaffaCakes118

Files

66b72aa6bb38464107bf27f3e4717e31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44b514ff782ff88355e3d11c280fb25d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommState
GetOEMCP
GlobalSize
DeleteTimerQueue
CreateSemaphoreA
lstrcpyA
GetDefaultCommConfigA
GetEnvironmentStringsA
GetCurrentConsoleFont
OpenProfileUserMapping
GetNamedPipeInfo
ClearCommBreak
HeapCreate
OpenJobObjectA
GetExitCodeProcess
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.rc3sec0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rc3sec1
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rc3sec2
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rc3sec3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ