7585b98ed50158cba78a5d7d2d94302c_JaffaCakes118 | Triage

Sharing

General

Target

7585b98ed50158cba78a5d7d2d94302c_JaffaCakes118
Size

212KB
MD5

7585b98ed50158cba78a5d7d2d94302c
SHA1

991b085ec6a74fc954911c47e546058b78104cc9
SHA256

90b4d26012e5b9f132811976cf9b6f9ae9209d6819874e645f494b8fa4e10d04
SHA512

1da162c69c1925f46f1efcee64d4a966251ff7242849d762063cfe65f6d986a2a4165037dd6b3e3c6e553a694cae824a4cfdd35fd4e8c2d14a31b8794a8c8879
SSDEEP

3072:OCzNDK3BdUH2r1gydrFRKJLMhbYncza4:T0dUW/dZR+LObN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7585b98ed50158cba78a5d7d2d94302c_JaffaCakes118

Files

7585b98ed50158cba78a5d7d2d94302c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32a600bf9650ac59b2c6d4c0b33aa565

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommConfig
GetCommState
VirtualFree
GlobalHandle
GetWindowsDirectoryA
lstrlenA
GetModuleFileNameA
EnumUILanguagesA
GetConsoleFontSize
GetTempFileNameA
GetFileSize
WriteConsoleOutputCharacterW
GetCurrentProcess
GetCurrentDirectoryA
RaiseException
OpenWaitableTimerA
EnumResourceNamesA
GetDefaultCommConfigA
GetTickCount
GetConsoleAliasExesW
GlobalLock
SetProcessPriorityBoost
FindResourceA
VirtualAlloc
ExitProcess
WriteFile
DeleteTimerQueue
MoveFileWithProgressA
GetProcessTimes
WriteConsoleA

shell32

SHGetSpecialFolderPathA

mpr

WNetGetConnectionA

winmm

timeEndPeriod
timeGetTime

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ