d47740120b57d55ffd69c00e4713193c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d47740120b57d55ffd69c00e4713193c_JaffaCakes118
Size

67KB
MD5

d47740120b57d55ffd69c00e4713193c
SHA1

be24b7791b2351b88a330a0f154f96542abfb70c
SHA256

ea7f7173ca2ab68b77759b923c279560a73d8f4c4801bc74742343e8a47ea48e
SHA512

d4afe20066c82e04f46bd6ab2be0944942d2ade218a818139d267db2e82c55c53e4d21244647e2035682f81367e9e83b9f9a70ee5a11c382d7b10ace9eef271f
SSDEEP

1536:P7g9VLmSZ6Kng2cvB+kfHEA34Rkp41mrJoAaPLoe9uPbm+Jaz:cfZ6vvB+WHF3QS47TzuTfJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d47740120b57d55ffd69c00e4713193c_JaffaCakes118

Files

d47740120b57d55ffd69c00e4713193c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aebc6cb62d17731b301d9b00444d9448

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetSystemPowerStatus
GetMailslotInfo
lstrcatA
SetMessageWaitingIndicator
GetConsoleAliasesW
GetConsoleOutputCP
Thread32Next
AllocConsole
CancelTimerQueueTimer
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

GetCursorFrameInfo
LoadCursorW
DdeSetUserHandle
IMPSetIMEW

shell32

SHChangeNotify
SHGetPathFromIDList
SHGetDiskFreeSpaceA

Exports

Exports

WriteIwrviiuf
Yrgqebg
Yepmavljdij
Xpejgoj

Sections

.text
Size: 4KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jpaxx
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE