af58db6105e822a084899269034627ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af58db6105e822a084899269034627ca_JaffaCakes118
Size

17KB
MD5

af58db6105e822a084899269034627ca
SHA1

e513a9cd0ead813f2fb1e06b1986f00ec06e7e80
SHA256

2a04e16378ae70c43750e80658a4612e9330aa8b2cb23ef2a5f0eaad0bcfe9a8
SHA512

ada4c08b9a4bb7618cc30fdb2d823ee45e2c341f8d329e338fc8db56d851748d30958c499a9c0cb297f4a5f8e9d53d95ebf2903374efaf8d2ebea995b8401ae9
SSDEEP

384:UYMA+Mmad6Dj54FW9OjpU94xlkDD8orTs6FL9Jn:ED1CW6U94xSDDhjF9Jn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af58db6105e822a084899269034627ca_JaffaCakes118

Files

af58db6105e822a084899269034627ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32cd96725cc2b188231919655d1cac59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameW
VerLanguageNameW
GetCommandLineW
GetModuleHandleA
WriteConsoleOutputCharacterW
GetAtomNameA
CreateHardLinkA
OpenFileMappingW
FindResourceA
GetShortPathNameA

user32

TranslateAcceleratorA
SetWindowTextA
GetMenuStringA
IMPSetIMEA
GetWindowModuleFileNameA
EnumDisplaySettingsExW
CallWindowProcA

gdi32

CreateScalableFontResourceA
CreateScalableFontResourceA
AddFontResourceA
GetMetaFileA
CopyEnhMetaFileW
GetCharABCWidthsFloatA
GetTextExtentPointA
GetEnhMetaFileA

Sections

.tls
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 878B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 853B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ