cfdcf14b8babb0f8c6a78fa6af8d178d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfdcf14b8babb0f8c6a78fa6af8d178d_JaffaCakes118
Size

29KB
MD5

cfdcf14b8babb0f8c6a78fa6af8d178d
SHA1

8e8578c66900dfa6260d189c466310f297e7f082
SHA256

6ad774232ed42a5bc5c21af03163fd8bddb6cbf7abf02f55369e86aec7fb4424
SHA512

f5db73e1e15c9e8dcab48d3f817836ce216fd1766debe60547f3cb976d518c96cb66ec7c4481714c5e8f8611e232c2674eb5cb58290cfd464425ce39d412742e
SSDEEP

768:z4g/Mo4UvDaGyWZ92g0dQJh+hajRA9zO2fEZOXgY:z//nDaoZ92HWhRAb8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfdcf14b8babb0f8c6a78fa6af8d178d_JaffaCakes118

Files

cfdcf14b8babb0f8c6a78fa6af8d178d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7cef4717f9b9df5579a2c0da92ae5ee3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
GetProcessPriorityBoost
ChangeTimerQueueTimer
CompareFileTime
FoldStringW
FindNextVolumeMountPointW
GetCommTimeouts
GetWindowsDirectoryA
OpenMutexA
GetThreadPriorityBoost
OutputDebugStringA
WriteProfileSectionA
GlobalLock
ReadConsoleA
DeleteTimerQueueTimer
DeleteTimerQueue
Heap32First
OpenJobObjectW
GetProcessTimes
FindFirstVolumeA
MapViewOfFileEx
RegisterConsoleIME
MultiByteToWideChar
DebugBreak
WriteFileEx
SetConsoleCursorMode
WriteProfileStringA
GetVersion
OpenWaitableTimerA
SystemTimeToFileTime
GetSystemTimeAsFileTime
CloseProfileUserMapping
EnumResourceLanguagesW
SetStdHandle

Sections

code
Size: 4KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ