86ea9abf6075fd6187c62c300e621582_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86ea9abf6075fd6187c62c300e621582_JaffaCakes118
Size

132KB
MD5

86ea9abf6075fd6187c62c300e621582
SHA1

2368721d03371f6b382a993bb97d6fee3d362b51
SHA256

1870b3e4b7864e727aef18ba7e6fe653c88f160bc167b67cafba46c821c6e247
SHA512

aa7458b4c3e7bf3ff25c4e562a62718fd3918e4ace6841d3fdb67a2ced9abae9e6589c02687be70d0b2d32f2192ffe798f0f6ffebeecf74a6733eb6e25c3c2c0
SSDEEP

1536:3fPRJqwYxnMayXX5kJoszanIp7eozg4982h1d6+KtYDCkPInhJNR0xUgctnHLMqt:3fPR9QLEChzM+mELK0InvSwgqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86ea9abf6075fd6187c62c300e621582_JaffaCakes118

Files

86ea9abf6075fd6187c62c300e621582_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f297cd6ddd2893d2724411c8a32c7e14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
CreateThread
GlobalUnlock
ExpungeConsoleCommandHistoryW
GetNumberOfConsoleInputEvents
BuildCommDCBAndTimeoutsW
GetCurrencyFormatW
ClearCommBreak
MoveFileWithProgressA
GetCurrencyFormatA
HeapValidate
UpdateResourceA
FindVolumeMountPointClose
GetTickCount
SetTimerQueueTimer
LCMapStringW
GlobalUnlock
SetConsoleOutputCP
GetConsoleCursorMode
VDMOperationStarted
AreFileApisANSI
FormatMessageW
VirtualFree
GetThreadSelectorEntry
GetNumberOfConsoleFonts
GetNumberFormatW
GlobalAddAtomW
HeapSummary
IsSystemResumeAutomatic
GetFileAttributesExA
FindResourceW
EnumTimeFormatsA
ClearCommError

Sections

.data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ