a3a29011ec74e75f40200c0f87f5ef39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3a29011ec74e75f40200c0f87f5ef39_JaffaCakes118
Size

56KB
MD5

a3a29011ec74e75f40200c0f87f5ef39
SHA1

70198a9b24792fcb13937e3f2b7162cb80d698ba
SHA256

dcbdaf60f316e3fb915fe277192d85cdf57626d07550d542cd77eb9f8d81f582
SHA512

2a6c2c32700a47d0f082bddf18c621351816113bb6bb18108fd2e79b6740e609c3a19bc78a29ae7a685340cec3ba2f46622eca928ecf7c5f25c5ec688528c074
SSDEEP

1536:kpcH87MWHC37sgJeHqBPECAu0o/7Uq00rys/VoPSp4:YcTWi37LJeEcRufAq0ns9oqp4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3a29011ec74e75f40200c0f87f5ef39_JaffaCakes118

Files

a3a29011ec74e75f40200c0f87f5ef39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9dc8e93e1dc0189202349e1eedf515f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleMaximumWindowSize
CreateTimerQueue
VirtualQuery
AddAtomA
lstrlen
BaseUpdateAppcompatCache
SetThreadUILanguage
NumaVirtualQueryNode
ReadConsoleOutputW
GetStartupInfoA
SetCurrentDirectoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE