d4ab120b95c819774e6c61223df0785b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4ab120b95c819774e6c61223df0785b_JaffaCakes118
Size

132KB
MD5

d4ab120b95c819774e6c61223df0785b
SHA1

f57ed71dadd35643a205a893622c2f25dfd64330
SHA256

2177ad1f3ce1f466bdd5a6a88cdcd31f71339114cfc189fa5772cbf1562ac350
SHA512

1cb90608e615b6eb8e8886c4efe81a2e604107f4267987905c2ab3ca5d3bae4fd8d70951d385aac3cd17421c5465926931ff587b3af2b3d1d9cb81f7a3523ef0
SSDEEP

3072:qpgGF7TUubmhVUw023LxDoxThe5CK/ePBhfCICTn/:qKGF7Awu023LxDo5hc+Axn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ab120b95c819774e6c61223df0785b_JaffaCakes118

Files

d4ab120b95c819774e6c61223df0785b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c72d1ab4d4c91fd1e99cd47dc7d8c4a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
InterlockedCompareExchange
CompareStringW
GetTempFileNameW
MoveFileWithProgressA
HeapCompact
AddConsoleAliasA
EndUpdateResourceW
SetCommTimeouts
GetVersionExA
Module32Next
TlsGetValue
SetConsoleInputExeNameW
SetPriorityClass
CompareStringW
SetVolumeLabelA
CreateFileW
SetLocaleInfoA
GetAtomNameA
CreateWaitableTimerW
WriteFileGather
GetVolumePathNameW
GetUserDefaultLangID
DeleteTimerQueueEx
DisconnectNamedPipe
SetConsoleInputExeNameA
GetTimeZoneInformation
ReadConsoleOutputA
ResetEvent
SetConsoleScreenBufferSize
GetTimeFormatW
SetFileAttributesA
LeaveCriticalSection
WritePrivateProfileStructA
GetTempPathW
GetTimeFormatW
SetPriorityClass

Sections

.data
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ