8411189f2ef1b6dd4fcd71204a6de84a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8411189f2ef1b6dd4fcd71204a6de84a_JaffaCakes118
Size

23KB
MD5

8411189f2ef1b6dd4fcd71204a6de84a
SHA1

e7fc9df618607dd2c04f79b09fd679ed343ab5b7
SHA256

84dee25a2a9990ab8c64684e6a2195e5b0ec650b34e3670b39bea39e326a9d45
SHA512

74a7cbdcd17b7f6398b45b7353eb1176795963e0fc97046bf65f06774486d8a7a43e95ecd8dd354fb59979d4b5859dabaf34846245b7b060be4265218d7f45d3
SSDEEP

384:tEclK9jQQEiUm7qL/yZbtI8tepyEaLUvTHMloD8I8wQFASk7p2RX5aHlt5IgvIV:tEclKjxE1aFtI8tPEaLUvzG0IskDaHln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8411189f2ef1b6dd4fcd71204a6de84a_JaffaCakes118

Files

8411189f2ef1b6dd4fcd71204a6de84a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a7560343d0b50711bf55bcede138594

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GetTapePosition
HeapWalk
GetVDMCurrentDirectories
PeekConsoleInputA
ReadConsoleOutputW
ReadConsoleOutputCharacterA
PeekNamedPipe
GetProfileIntA
CancelDeviceWakeupRequest
GetQueuedCompletionStatus
GetCPInfoExW
ReplaceFileW
DosPathToSessionPathW
PrepareTape
VerLanguageNameA
SetEvent
PrepareTape
CommConfigDialogW
SearchPathW
SetFileTime
lstrcpyn
WriteConsoleOutputCharacterA
QueryPerformanceCounter
_lcreat
FileTimeToDosDateTime
ChangeTimerQueueTimer
RtlMoveMemory
PeekConsoleInputA
VerifyConsoleIoHandle

Sections

code
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ