a1bd14fc96e979d9a85a88ef31a4b863_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1bd14fc96e979d9a85a88ef31a4b863_JaffaCakes118
Size

71KB
MD5

a1bd14fc96e979d9a85a88ef31a4b863
SHA1

0909a9606b7365381f5ddc47954d99c71ac526a0
SHA256

82865280b6ef255174921f5f7830c9cc7f36e1d4441ac14c691186dbe6f18c6d
SHA512

30d0d908eb167d9fc4a66b0e0c17c4666d745be0d95407d09091739bb7a12352a0198b1ca8eef7ce4c59ea54229338d614fa180942dd2853aa97bb2412e38d0b
SSDEEP

768:3O8QxUGfbHphk8iYTetYe/aXyAziCPg7V:3O8vmHphEorjXT1PA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1bd14fc96e979d9a85a88ef31a4b863_JaffaCakes118

Files

a1bd14fc96e979d9a85a88ef31a4b863_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97aa642ac38fe7d4c2eda0af17511378

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetConsoleMode
ReadConsoleA
Sleep
OpenFileMappingA
CreateThread
DeleteFileW
GetCPInfo
ExitThread
GlobalFree
DeleteFileA
GetLastError
OpenFile
SetLastError
WriteFile
FindFirstFileA
GetComputerNameA
CreateProcessA
ReadFile
GetStdHandle
GetFileSize
GetFileTime
FindAtomA

user32

GetMenu
IsWindow
CopyRect
DrawTextA
DialogBoxParamW
GetDlgItem
CreateIcon
GetWindowTextA
DrawIcon
GetFocus

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 17.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 135B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ