Static task: static1
Behavioral task: behavioral1
Sample: 720f917b340048aff17c0fc166355fbb_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 720f917b340048aff17c0fc166355fbb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 720f917b340048aff17c0fc166355fbb_JaffaCakes118
Size: 31KB
MD5: 720f917b340048aff17c0fc166355fbb
SHA1: 9535cace857bbc0d0314dd28f969031c66e45fd9
SHA256: 1393f84762e433cc46951fae080dc35e6351661e87c0166f3d7daeb9666cae7a
SHA512: 6fac04ac1d61f59a4a70485d124c1bb9ffae5c949997198deceb7954831f67947ddead99b258cafef0ee309dde071c35fea80ae1ea2cbd1eb0d938e3493db553
SSDEEP: 384:ZyGmeNRY6Q8MbzxSrm9UIoWkdPdkiw8kIGveSCLjE7yFJWEb/Z6coH2Xe1Wdrhmf:aeNeM3CIGGRHK8/ICOar0SWIVc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 720f917b340048aff17c0fc166355fbb_JaffaCakes118
Files
720f917b340048aff17c0fc166355fbb_JaffaCakes118.exe windows:4 windows x86 arch:x86
7999b59a8ff77192c84da640578f06d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
ExitProcess
GetStartupInfoA
CreateHardLinkW
BuildCommDCBW
LocalFileTimeToFileTime
InterlockedExchange
DelayLoadFailureHook
GetShortPathNameA
IsSystemResumeAutomatic
GetNamedPipeInfo
GetSystemDefaultLCID
TlsAlloc
EndUpdateResourceW
CreateDirectoryExA
SetConsoleTitleA
GetStartupInfoA
GetLocaleInfoA
WriteConsoleInputW
FillConsoleOutputCharacterW
CreateProcessInternalA
MapUserPhysicalPagesScatter
GlobalUnWire
BackupRead
CreateEventA
Heap32Next
GetProfileSectionW
Sections
.data Size: 4KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ