6ae918dd1635065d302491cd11192221_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ae918dd1635065d302491cd11192221_JaffaCakes118
Size

39KB
MD5

6ae918dd1635065d302491cd11192221
SHA1

c04a94b8fa234260e7870acbabff6411c85895c7
SHA256

b5ac4ad5d93f5231a026b185bb0ec29b1b2b6f68c310ad1549c626fc6517f06b
SHA512

442d446938ce2caea56c84726b3cb63920032a629dc591d869b98abfa84501cb8f4918292223443215e3b26ca86e7dd6f1e28564faac159d5eb2fead02c94e44
SSDEEP

768:1rUDTe1G0tAahb12jZU4cIzk3l9FfHyWjdTLEE2YsU:1UT8V1UNn/gDfHn5Tl2YT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ae918dd1635065d302491cd11192221_JaffaCakes118

Files

6ae918dd1635065d302491cd11192221_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b2658bca7bb3317e2f452aea019f238

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitCommEvent
GetDllDirectoryA
CreateFileMappingW
GetProcessTimes
VirtualAllocEx
LZOpenFileA
RaiseException
WinExec
GetBinaryTypeA
BuildCommDCBAndTimeoutsA
_lclose
GetConsoleHardwareState
SetVDMCurrentDirectories
SetConsoleCursorPosition
GetLastError
SetCommState
OpenWaitableTimerW
IsDebuggerPresent

user32

SetProcessWindowStation
CallWindowProcA
SetClassLongA
CreateIconFromResource
MapVirtualKeyExA
ToUnicodeEx
AppendMenuA
CreateIconFromResource
GetDlgItemTextA
MapVirtualKeyA
ModifyMenuA
GetDlgItemInt
CharNextExA
RegisterShellHookWindow
SwitchDesktop
EnumPropsExA
FillRect
SendInput

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ