c7f72b14033da3da88fb84da8b4bd3c5_JaffaCakes118 | Triage

Sharing

General

Target

c7f72b14033da3da88fb84da8b4bd3c5_JaffaCakes118
Size

24KB
MD5

c7f72b14033da3da88fb84da8b4bd3c5
SHA1

b24ec8ce3c95c3e117752520744918fe2c1e6c13
SHA256

78a9af72f2cd88422e7fa5581978ae6eb5034eb23469d2ee720485e1d1a3810f
SHA512

7044a720a8a320add706344382faf5c110ad9df27af247d5cb68b9b27727b6c342fa048732cf0f05e311eee02ae18396d2ca0900c266ef8feb136b9590e107ff
SSDEEP

384:eef323sfBe+Bd/Pa3edH2k2Tes8T6sOzqkEjMw+f/2h/LgJn8S/5zT+JpLxjJ3:eefDBe+D3aOdHHnT6dq3jzLEB+b9jh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7f72b14033da3da88fb84da8b4bd3c5_JaffaCakes118

Files

c7f72b14033da3da88fb84da8b4bd3c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1468c46be9da7ecff11e53abdfca9296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GetFileAttributesA
SetConsoleOutputCP
GetThreadLocale
LocalAlloc
lstrcmpW
GetConsoleAliasesLengthA
SetConsoleWindowInfo
GetConsoleCommandHistoryA
GetCommandLineA
SetConsoleMode
ReadConsoleA
CompareStringA
FindNextVolumeMountPointA
GetConsoleDisplayMode
IsValidLanguageGroup
SetMessageWaitingIndicator
GetProcessPriorityBoost
GetConsoleTitleA
SizeofResource
LocalFileTimeToFileTime
GetVolumePathNameA
GetDriveTypeA
GetStringTypeExW
IsSystemResumeAutomatic
QueryDosDeviceW
GetConsoleAliasesA
GetAtomNameA
FindResourceExA
HeapAlloc

Sections

code
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ