897cf11711f241f115d1537049b093bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

897cf11711f241f115d1537049b093bf_JaffaCakes118
Size

181KB
MD5

897cf11711f241f115d1537049b093bf
SHA1

337d059db50f404d4b5c0406f3b9c5075b975a17
SHA256

11fbd6ce9aa1bac00f260aeff26705009f070297ffe8add37b08488db3562d84
SHA512

bcbfbc6cfa7ddcf07172114c3f20cd14970241567852a1e06718eedfb5ad6fcf2e76516492341625b15a3eafaf80e2c770af97a7663fd8c53dd68e7addc02e6c
SSDEEP

3072:Pc2+n195esUO6MHuUt32Ln6e+QWbjnQgn0vGQ6SZHOhYj6clBCsp2dyeBMeP8SWV:u1jBzm76b/vDDQ6S9f6s8q2yiRv6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
897cf11711f241f115d1537049b093bf_JaffaCakes118

Files

897cf11711f241f115d1537049b093bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01e672141fb85eb9a38d4426e2e15722

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommTimeouts
FlushInstructionCache
VirtualQuery
SetHandleCount
GetNumberOfConsoleInputEvents
ReleaseMutex
GetShortPathNameW
UnlockFile
ReadConsoleInputExA
WriteProcessMemory
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

GetKeyboardLayoutNameW
TabbedTextOutA
MB_GetString
InsertMenuItemA
DrawTextW
SetForegroundWindow
InsertMenuW

Sections

CODE
Size: 5KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 172KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE