Static task: static1
Behavioral task: behavioral1
Sample: 66f3028b782093505ebd90d14dcfb951_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 66f3028b782093505ebd90d14dcfb951_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 66f3028b782093505ebd90d14dcfb951_JaffaCakes118
Size: 181KB
MD5: 66f3028b782093505ebd90d14dcfb951
SHA1: 507cb721d3c5627753d8a2eea5c7a2caa813141e
SHA256: 67ce7afbdc84136f17dfac8b39118d58540c440335ed56fdf8a6b799ca686a91
SHA512: 1dbfefd55c61324910a159008de964bfc376e0ad459f805c1f7ef27db13ad2e6409054143b55ad641a56c92342b7695326716ca4c6a7b175136dea663907a3f5
SSDEEP: 3072:BQDIYbzgphj70aq33J5Io+0Su3w7o24gdz30yI6dyU0aUUD1d0/V/s7rszibQv:AEbjhq3+0xw7o2z3pFcU04Imsz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 66f3028b782093505ebd90d14dcfb951_JaffaCakes118
Files
66f3028b782093505ebd90d14dcfb951_JaffaCakes118.exe windows:4 windows x86 arch:x86
768c44cc0e546242b8ad839f9e873c34
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
GetConsoleNlsMode
CloseConsoleHandle
GetConsoleAliasesLengthA
VerLanguageNameW
WriteFileEx
VirtualQueryEx
GetVolumeInformationW
WriteConsoleOutputCharacterA
MoveFileW
SetCommState
GetPrivateProfileIntA
GetCommandLineA
ExitProcess
GetStartupInfoA
user32
CloseWindow
EnumPropsA
SetShellWindowEx
OemToCharBuffW
RegisterWindowMessageW
LockWindowUpdate
EnumDisplaySettingsA
ChildWindowFromPoint
DrawStateW
SetProcessDefaultLayout
UnionRect
Sections
.text Size: 5KB - Virtual size: 809KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 172KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE