Static task: static1
Behavioral task: behavioral1
Sample: a699d87d49e09980404bc0d0d2f75958_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a699d87d49e09980404bc0d0d2f75958_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a699d87d49e09980404bc0d0d2f75958_JaffaCakes118
Size: 220KB
MD5: a699d87d49e09980404bc0d0d2f75958
SHA1: 26d314c9d373910439b887e3ea111dc297949ffa
SHA256: c422d9e57dd0339da72ab25bdb89fb7d560b6a8ef600dbb82b96b4f7a7b7fdf7
SHA512: 172de5b3aad27128d6ea7173e0e21fe945513f1556f30d3a3b1e397cdf867ab19f267f91a3e09e100569dc30933a7f8fe3a52f6aa2bb87441df5c6873fe559ea
SSDEEP: 6144:6f8IgX5NrjPlyIpzHduWiupU3qkXAnRyz454l:6f8IOrjPlyKzHFFyaFME
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a699d87d49e09980404bc0d0d2f75958_JaffaCakes118
Files
a699d87d49e09980404bc0d0d2f75958_JaffaCakes118.exe windows:4 windows x86 arch:x86
cca3f55b304dff35eb7cf907d566eb44
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
GetNumberOfConsoleFonts
HeapAlloc
GetPrivateProfileStringA
FlushConsoleInputBuffer
VirtualAlloc
OpenWaitableTimerA
HeapFree
GetEnvironmentStringsA
HeapSize
QueueUserAPC
HeapValidate
GetDevicePowerState
GetProcessVersion
OpenProcess
GetConsoleOutputCP
SetComputerNameA
Process32First
HeapDestroy
BeginUpdateResourceA
GetCurrentDirectoryA
GetCommandLineW
GetDefaultCommConfigA
SetFilePointer
IsValidCodePage
BuildCommDCBAndTimeoutsW
HeapSetInformation
GetExitCodeProcess
GlobalMemoryStatus
ws2_32
socket
Sections
.itext Size: - Virtual size: 816B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 180KB - Virtual size: 842KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ