d7032686c00510ba0f9bf3ff4ccd29dc_JaffaCakes118 | Triage

Sharing

General

Target

d7032686c00510ba0f9bf3ff4ccd29dc_JaffaCakes118
Size

132KB
MD5

d7032686c00510ba0f9bf3ff4ccd29dc
SHA1

f28bf2711515816d8a94976e764511fe23406835
SHA256

1cc0f98976e02690b64d4cc994814651dac28e4e7f2ac9b5f48c2e3a425671a3
SHA512

b5df7bd6791e3ae66bbe725ef52fc75b9d5e7b515d0d044f2947f03d919f7061c384b42057ff7bb71bce606e346530e22de5c5860b986403849b83db45d1eab0
SSDEEP

3072:ANqbOGwL8GW+tRb7jPv3XbHs4pWvhdTUKHLebR:ANqKGq8/WbX3XbJIPTUKLeb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7032686c00510ba0f9bf3ff4ccd29dc_JaffaCakes118

Files

d7032686c00510ba0f9bf3ff4ccd29dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e96e51ebbcef7cb25f0031aade9b273e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
IsBadHugeWritePtr
lstrcmpiA
GenerateConsoleCtrlEvent
SetThreadIdealProcessor
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ