dc07a963d84123d0134762f4e5cb1412_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc07a963d84123d0134762f4e5cb1412_JaffaCakes118
Size

107KB
MD5

dc07a963d84123d0134762f4e5cb1412
SHA1

90478cb874d2fb8a7adeb7e457772a925242599c
SHA256

11571ef333970f48c036f4366d2143b7f298869792e985c0868f1ef4978e83c8
SHA512

bd50b0b3d8c3913f4f90ff31de9d2a6d05c2507c7087e59210903e112fd4cde828ba07d59512c496e2f820e00d53d90aab28e3909a0b23d93c49244f21ef1f06
SSDEEP

3072:7BLLNZknlcMdTq3RU4C59STQ2mZOlULOZQ+n:NLAXdiPC59mYZOGLiQG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc07a963d84123d0134762f4e5cb1412_JaffaCakes118

Files

dc07a963d84123d0134762f4e5cb1412_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af7fdb9ebf2cb69a553a3b994499fc16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleWindow
CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetDateFormatW

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

shell32

DragQueryFileAorW
StrStrIA
DuplicateIcon

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE