8524a11ddd04b622cfe00451e4d6bd13_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8524a11ddd04b622cfe00451e4d6bd13_JaffaCakes118
Size

212KB
MD5

8524a11ddd04b622cfe00451e4d6bd13
SHA1

ad7a686ce7a543e10f671ae1f87d80b88517de4c
SHA256

43cbca5f9750b3ab8989f2534e32c8968898d288f87788d4d529e1112677bbae
SHA512

1cd805fb10e9fee70cd76b10fa7589e0e1f1a4a8fc4e13794a2946be0468393915c52efe8f20ebc790c688f6ac92f95344837d2cb2728aa9931209589faa6ed3
SSDEEP

6144:IA5ZsTAMLh3UP43kwkFiFnuKqMwsgIbBt:/IAMF3q43kFcuKqMw6Bt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8524a11ddd04b622cfe00451e4d6bd13_JaffaCakes118

Files

8524a11ddd04b622cfe00451e4d6bd13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a26ebf218fe0d42f87e5e7cb4ccf859e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetConsoleOutputCP
OpenEventA
SetConsoleMode
SetProcessShutdownParameters
SetConsoleTitleA
HeapSize
FlushFileBuffers
GetDllDirectoryA
Heap32Next
IsDebuggerPresent
SetProcessPriorityBoost
HeapAlloc
HeapFree
SetCommConfig
GetCommandLineW
LCMapStringA
VirtualAlloc
ReplaceFile
SetFileAttributesA
HeapSize
GetStringTypeExA
SetInformationJobObject
AddAtomA
FindNextVolumeA
IsValidCodePage
SetThreadAffinityMask
PeekConsoleInputA

ws2_32

socket

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ