94a45cb6dcf4b3207df0f70dbfd46307_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94a45cb6dcf4b3207df0f70dbfd46307_JaffaCakes118
Size

132KB
MD5

94a45cb6dcf4b3207df0f70dbfd46307
SHA1

54781e041d79bce9d1fb14e513422794aafb493f
SHA256

3debbb1f5bb9a2f187f5c57f8141887c537db09af0cdfd12256788ff2016cba4
SHA512

f863a787a1d80f2b03fd67432e6b5430246f583651435ab5604c9db0b34b31dc5227be8a6cb610a2e74047c9502521b4b1e738623ee8774ff0e42cfbf9296e69
SSDEEP

3072:kGh9r25/o+n+LezquCZNDgEkOpzygQoYsch2OEmXH6Nx:r21h5wHJkIzygNsXt3Sx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94a45cb6dcf4b3207df0f70dbfd46307_JaffaCakes118

Files

94a45cb6dcf4b3207df0f70dbfd46307_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2f0b7b3f585a6b92a379d9b978b9478

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
GetNamedPipeHandleStateA
GetFileTime
GetPriorityClass
PulseEvent
QueryPerformanceFrequency
GlobalHandle
GetConsoleKeyboardLayoutNameA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ