84d88ff3fe0b06251d57b17022554891_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84d88ff3fe0b06251d57b17022554891_JaffaCakes118
Size

180KB
MD5

84d88ff3fe0b06251d57b17022554891
SHA1

be9ed7ab697aedf766eb3a42c6c8a9393cedae9a
SHA256

1b5f1bfcaf818c5d826c851d85ee240cdc3ac36fdfb9cf9e0d6f0bebcb137037
SHA512

1c0f3de3afb13a044d35e592279a785ba865b3537e84e900d39522867529e2fa00f86ed397934105dd94098eb27dbbc0f2de3aee379e3c5adb6c5947dfe2fccc
SSDEEP

3072:gp+KaBWVjL6FCMHqsefpvGd4WgL2eEDhf3iQaKz1caa1/16DPh+x1OQyMpYyk/y6:uF+9HjehvGpIKf80ianDPMxIQywm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84d88ff3fe0b06251d57b17022554891_JaffaCakes118

Files

84d88ff3fe0b06251d57b17022554891_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2bd87f4ff3ec995bd98158bf0952f21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadSelectorEntry
OpenJobObjectA
CreateFileA
FindAtomA
GetConsoleInputExeNameA
GetDateFormatA
GetDiskFreeSpaceExA
VirtualAlloc
EndUpdateResourceA
GetProcessIoCounters
DeviceIoControl
SetEvent
GetCommandLineA
CopyFileExA
GetProcessVersion
GetConsoleAliasA
GetStartupInfoA
GetProfileIntA
GetBinaryTypeA
GetFileType
OpenEventA
UpdateResourceA
OpenWaitableTimerA
CommConfigDialogA
WriteConsoleInputA
GetProcessId
InterlockedExchange
WriteProcessMemory
TransactNamedPipe
DeviceIoControl
ExitProcess
GetDiskFreeSpaceA
GetCommandLineA
CancelTimerQueueTimer

ws2_32

send

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 156KB - Virtual size: 802KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ