b1213368877125ae61b0745302acd4b7_JaffaCakes118 | Triage

Sharing

General

Target

b1213368877125ae61b0745302acd4b7_JaffaCakes118
Size

24KB
MD5

b1213368877125ae61b0745302acd4b7
SHA1

16a252f91813f909c31a562af54037846ddaec38
SHA256

957192c694a5dd00cf04f2289b8d286952b25b1d668439a84804a0ff1f552a9f
SHA512

d0efc554ca8c50131e2e893a37bec42ecbfcff655e1ee46fe166a4b8658a1e03cc621d27d05e773dd9e061a127ff73ccba18d516c78f4151530b8484c58d8d63
SSDEEP

384:KPWijrOFAK9d0hPohB0M9is1sn0/Mcteje6s+m718PasHdez1UKc:K/GFAK9i5sri0TKU7711skp+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1213368877125ae61b0745302acd4b7_JaffaCakes118

Files

b1213368877125ae61b0745302acd4b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d8d7beb5fc06d08585103c361dc4565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchangeAdd
IsDBCSLeadByteEx
ConvertDefaultLocale
BeginUpdateResourceA
OpenMutexW
SetFileApisToOEM
GetVersion
ReadConsoleOutputA
GetCurrentProcess
EscapeCommFunction
CreateWaitableTimerA
EraseTape
SetLocalTime
GetThreadLocale
GetComputerNameW
GetConsoleCursorInfo
SetThreadContext
GetProcessShutdownParameters
HeapAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ReleaseMutex
GlobalFindAtomA
HeapFree

user32

LoadCursorA

comctl32

ord17

msvcrt

_except_handler3

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cs
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ