ae754095c04434b8da393c17293353a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae754095c04434b8da393c17293353a5_JaffaCakes118
Size

20KB
MD5

ae754095c04434b8da393c17293353a5
SHA1

347dcfc1f996925295ff67997ef21b2f22da7743
SHA256

1b834aca414fdfd95911d178c8d0c6c9d0771f4daa534a19e4759fd15677fea1
SHA512

2645d6b8833c149af9b5bd6e76d9cbd384eaeb4df9b088e92f826ceaf06a13f94a0bbbc8ea3b820f762771e7e2034109b5a64f774196accdd2b0d0fab42cdcb4
SSDEEP

384:80PXYgNRy7J3eGf3r/cZUQZgF18I4D01q2egFDo8qO7EEz:87yqJ3eGfb/ItZgF1QwTxQw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae754095c04434b8da393c17293353a5_JaffaCakes118

Files

ae754095c04434b8da393c17293353a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fd249996ff39d76f5725094adb5cbbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterWaitForSingleObject
SetFileApisToOEM
CancelDeviceWakeupRequest
GetConsoleCommandHistoryA
GetProcessHeap
BuildCommDCBAndTimeoutsA
FlushFileBuffers
CancelIo
SetCommState
GlobalFindAtomA
GetFileAttributesA
RtlUnwind
CreateDirectoryA
GetCommandLineA
ExitProcess
GetStartupInfoA
GetCommConfig
TermsrvAppInstallMode
GetSystemDirectoryA
GetSystemTime
ShowConsoleCursor
GetStringTypeA
SetConsoleCtrlHandler
LockFile
SetThreadContext
SetCommConfig
lstrcmp

Sections

ATSEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ATSEC1
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ATSEC2
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ