Static task: static1
Behavioral task: behavioral1
  Sample: 883ce79ee545573d1b326686d63b2dc8_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 883ce79ee545573d1b326686d63b2dc8_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 883ce79ee545573d1b326686d63b2dc8_JaffaCakes118
Size: 172KB
MD5: 883ce79ee545573d1b326686d63b2dc8
SHA1: 8796b591fa7125df91531ae950c3edd418bb66fb
SHA256: 1f3a9b00dfdd9b0b17376d01b6dcc934f199b41b6e707e03327724004a172b6f
SHA512: cda138ee8b3e7a4c7311dd7ab7c5c1cdc3e57116270e339b45424af6361aa4f02e46b83d6223d248cefe09793d88041583fcb44ada00b541db59ccc6d34b248b
SSDEEP: 3072:oYDwGrdNmYF0aNcpx047fhiDk1DzL2HzV3Jy1SR2kqQb0L1A:oYDwGraUwLbhiDSDPMBe+xP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 883ce79ee545573d1b326686d63b2dc8_JaffaCakes118
Files
883ce79ee545573d1b326686d63b2dc8_JaffaCakes118.exe windows:4 windows x86 arch:x86
9f0b60494bb9e3f222ed92afdbd59e74
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FoldStringW
ReadProcessMemory
ResumeThread
GetEnvironmentStrings
ConvertThreadToFiber
FatalExit
GetDiskFreeSpaceExW
GetCalendarInfoA
SetMessageWaitingIndicator
GetFileInformationByHandle
GetNumberOfConsoleFonts
DosDateTimeToFileTime
lstrcpyA
FindNextVolumeMountPointW
GlobalFree
EnterCriticalSection
GetNumberFormatW
CloseHandle
EnumSystemCodePagesA
SetErrorMode
ConnectNamedPipe
SetConsoleMode
_lclose
LockFile
GetCommandLineA
ExitProcess
GetStartupInfoA
Sections
.code Size: 4KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 156KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ