ab14d5e2cae25795a7b0554b29578ee1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab14d5e2cae25795a7b0554b29578ee1_JaffaCakes118
Size

92KB
MD5

ab14d5e2cae25795a7b0554b29578ee1
SHA1

24756c36912924c046ce6ed1d3f4627b37e0514f
SHA256

c1518798cc279a712eba98218f91c69ac70d2e29072488490b7ed6d9823687bd
SHA512

e71d05ccddaef5100ffd79286bedaf32500b8346f2d3fd84e876995072f44e6bf47e7ba5c698c418b2742f30e85dba964e66c7fb0a443cf63458b0d962d22afa
SSDEEP

1536:ll54fbWMduoP9rmnm1LFbpjd52gg0L4Z83YacIyP/69QAq0Gb8/Z5H83oKz:v5AuoPJ1FR+90LIKYBbWq0GQP0oKz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab14d5e2cae25795a7b0554b29578ee1_JaffaCakes118

Files

ab14d5e2cae25795a7b0554b29578ee1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdf104b555f17322c35ec43c5f0e9e4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TryEnterCriticalSection
NlsGetCacheUpdateCount
GetTempPathA
InterlockedIncrement
FindNextVolumeMountPointA
GetCommTimeouts
GetDefaultCommConfigA
CallNamedPipeA
ReadConsoleOutputCharacterW
OpenJobObjectW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE