b17436bf1fbc9622d100cef7c26fa89b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b17436bf1fbc9622d100cef7c26fa89b_JaffaCakes118
Size

256KB
MD5

b17436bf1fbc9622d100cef7c26fa89b
SHA1

b8cc20e0ca2cb9e7d793d0e1d6a773e9c8996673
SHA256

d683c3eda3cb6ff00e232ca4661fca4f67147d8b7d4c7cbc7dc41d496473267a
SHA512

8e070070f186153c1b771e99bbcd132dc4cb63f763893b8c094400eefed9be633393c3f6f0b4864eaabc57b3b223717c4dfcef540d33df63d0153596fc711017
SSDEEP

6144:9xh6EU9FQbbVHBBPxYSUc2asxUIEt15O6XWl+c2PC:77/VDuL8IEVOqHcd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b17436bf1fbc9622d100cef7c26fa89b_JaffaCakes118

Files

b17436bf1fbc9622d100cef7c26fa89b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e29bab17234d1fdf34af78b5c62934c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleKeyboardLayoutNameA
VirtualAlloc
SetFileTime
GetTempPathA
HeapSize
GetConsoleCP
SetUserGeoID
GetNamedPipeHandleStateA
OpenEventA
GetDiskFreeSpaceA
OpenFileMappingA
lstrlenA
InterlockedDecrement
WriteFile
GetCalendarInfoA
GetConsoleCharType
EnumTimeFormatsA
GetSystemDefaultLCID
GetDllDirectoryA
FindFirstVolumeMountPointA
HeapQueryInformation
VirtualFreeEx
GetLogicalDriveStringsA
Heap32ListNext
GetCompressedFileSizeA
UpdateResourceA
GetConsoleTitleA
GetEnvironmentStringsA
IsValidLocale

gdi32

SetViewportOrgEx

shell32

SHGetSpecialFolderPathA

winmm

timeBeginPeriod
timeGetTime

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 244KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ