888b957856b0487a8ed4821460cd6b61_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

888b957856b0487a8ed4821460cd6b61_JaffaCakes118
Size

14KB
MD5

888b957856b0487a8ed4821460cd6b61
SHA1

0f174f6845c30c22bf8ad467daccfbd349cbb3b8
SHA256

70738815c303fe5abdda76d0a46b6d0ea61156a1d11956cb2cc85bf0b589f3b9
SHA512

bbfdda6bff1743e26ebe2571df81380c07e302ffb1416d9927748414abee2402d043eaec2982ce0bceb18e93dc6ca55ea278ed5b4360ca81e1e449137a86de27
SSDEEP

384:HSQDfAO9ZKKS4WuDFVBPZylCsQBy/0ekyJsdZAiStw:HSMfAOHKKRW4xhcCsSysepmZXSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
888b957856b0487a8ed4821460cd6b61_JaffaCakes118

Files

888b957856b0487a8ed4821460cd6b61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

deb923dd8f15cbba8cc20ecdd2eb4199

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetLocaleInfoA
WriteConsoleInputVDMA
GetModuleFileNameA
VerLanguageNameW
RemoveDirectoryA
GetConsoleAliasExesA
GetDefaultCommConfigW
GetVolumeInformationW
GetFileAttributesA
BeginUpdateResourceA
CreateFileMappingW
FatalAppExitA

user32

DefDlgProcA
TranslateAcceleratorA
WinHelpA
CharToOemBuffW
LoadCursorA
DispatchMessageW
EnumWindowStationsA
EnumDisplaySettingsW
GetMenuItemInfoW

gdi32

ResetDCA
CreateFontIndirectA
GetEnhMetaFileDescriptionA

Sections

.tls
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ