856b1c95da5d9d65f3d1c98fbde606fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

856b1c95da5d9d65f3d1c98fbde606fe_JaffaCakes118
Size

128KB
MD5

856b1c95da5d9d65f3d1c98fbde606fe
SHA1

d2a713e26cb87a0fc6e031f11d9d630b3a88c86f
SHA256

194d0bb7f4de0b6e267586b652866a9b2a02eac6be69bb49ab388c02a0ad1926
SHA512

794286c7adee0746ab1fdc887cf1471cabcc0984184abc77cb43d06f33db48c89bf112b7f1ba6954ba101c7c60c1562bbce60c49a31d908871451ed9353e4680
SSDEEP

1536:w8B9MnT82qQnl2JDYnFiXcgfDlY+tTKhY+l1cIpOHE:w8zMnaQnlg28hfi+tem+B8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
856b1c95da5d9d65f3d1c98fbde606fe_JaffaCakes118

Files

856b1c95da5d9d65f3d1c98fbde606fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87151cf4a2e8a4445c1694e5257df4f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputAttribute
VirtualAlloc
SetHandleInformation
GetLogicalDriveStringsA
IsBadWritePtr
LoadLibraryA
OpenSemaphoreA
GetModuleFileNameA
SetFilePointer
ReadConsoleInputA
PurgeComm
WaitForMultipleObjects
SetFileAttributesA
FindFirstFileExW
HeapDestroy
IsValidCodePage
GetComputerNameA
InterlockedExchange
GetFileSize
IsBadCodePtr
lstrcatA
GlobalAddAtomA
GetEnvironmentStringsA
ReadConsoleOutputAttribute
ExitProcess
GetCurrentDirectoryA
GetProcessIoCounters
SetVolumeMountPointA
SetWaitableTimer
GetWindowsDirectoryA
ResetEvent
DeviceIoControl
UpdateResourceA
SetLocalTime
ReleaseMutex

uxtheme

IsThemeDialogTextureEnabled

Sections

.data
Size: - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ