Static task
static1
Behavioral task
behavioral1
Sample
af76c319848041a3100552515e87f576_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
af76c319848041a3100552515e87f576_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: af76c319848041a3100552515e87f576_JaffaCakes118
Size: 39KB
MD5: af76c319848041a3100552515e87f576
SHA1: fd22da1d7728d4543c085a6b0c65f10e85307625
SHA256: 6430657ff273ac145a20925e38c4de550b739814df2103cd4f434e626529d1c6
SHA512: aa45f0fb3268dd71fc70b3a0312d42e721f6ba2774363c39707d5d96e22d29c12cbfe34d63d67bc8c96cd4c072cb74664402ac3ed9b8d1c6aa3bda9872416cb9
SSDEEP: 768:GfRpeDS/lcU8hKnwS9vBd5rsZyBChPWlIk5oI5onI:GfRkSrowH932ZyBCREIk5oI0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource af76c319848041a3100552515e87f576_JaffaCakes118
Files
af76c319848041a3100552515e87f576_JaffaCakes118.exe windows:4 windows x86 arch:x86
a0dc252a52926e93fbda38a2e308bc0c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryW
RegisterConsoleIME
CloseProfileUserMapping
GetWriteWatch
CreateWaitableTimerA
UTUnRegister
GetCPInfoExW
RegisterConsoleVDM
FlushFileBuffers
GetUserDefaultUILanguage
GetCurrentProcess
LoadLibraryA
CompareFileTime
lstrcat
GetLastError
VirtualProtectEx
SetCalendarInfoA
SetConsoleCursor
SetComputerNameA
GetProcAddress
Heap32ListFirst
InitializeCriticalSection
SetThreadAffinityMask
VirtualLock
VerifyVersionInfoA
GetConsoleCommandHistoryLengthW
MulDiv
GenerateConsoleCtrlEvent
FindResourceExW
user32
SetCapture
Sections
.text Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE