a645a2d38180aa57954f4aa1f304cdb2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a645a2d38180aa57954f4aa1f304cdb2_JaffaCakes118
Size

141KB
MD5

a645a2d38180aa57954f4aa1f304cdb2
SHA1

8ffd0a2ef5e6e345589bb1a5bf8936de52c7392f
SHA256

4a7ab0fde589437cb5de8a317898a6ab3f39bc3912a90dfbd6d1748b874da4fa
SHA512

209d6189db4c4d569fb01b355a9a07f1e2dbd8fccedacc216a2c403c44cb61568dff6c6175892beab4bb9348ef0fb12ccce621d18fe06e24c314fdbaab02d7ee
SSDEEP

3072:uVaUZy5wfJszlZAd9Gy2fWmmqvcosnGRh4ImEOQ8e1iN0icpV:uEl5cJs4QmqnLVONe1iC5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a645a2d38180aa57954f4aa1f304cdb2_JaffaCakes118

Files

a645a2d38180aa57954f4aa1f304cdb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5aa8a9091e822b80c256b61011b716f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileStringA
GetTapeParameters
GetSystemInfo
ReplaceFileW
IsDBCSLeadByteEx
GetCommState
FindNextVolumeMountPointA
SetConsoleNlsMode
UnmapViewOfFile

user32

EnumDesktopWindows
EndPaint
GetCursorPos
IMPSetIMEW
GetKBCodePage

Sections

.text
Size: 9KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ