Static task: static1
Behavioral task: behavioral1
Sample: e01d412248f13c8b81e40160ef52d99b_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e01d412248f13c8b81e40160ef52d99b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: e01d412248f13c8b81e40160ef52d99b_JaffaCakes118
Size: 244KB
MD5: e01d412248f13c8b81e40160ef52d99b
SHA1: d61020fd54e4ff837742c2f08a7252bfa9d59689
SHA256: 38c858efd0e176b33f11ba1460d64cc388af4516ce0c27fd560ffc3522894794
SHA512: 9fc5af22f29543b06da9fff65c72757efc68484448d2f1b673a4f949d16e697d44a5a59f923bf076f3f295f3bac9e338dec2e51428c08b5ce2da4df75a748f3b
SSDEEP: 6144:Dvxa68SMCoREu0o3g1LNY6WVvFj1CRTtnMJUp1yY:U6zMCbub3GmJ1FRYtnMJUpIY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e01d412248f13c8b81e40160ef52d99b_JaffaCakes118
Files
e01d412248f13c8b81e40160ef52d99b_JaffaCakes118.exe windows:4 windows x86 arch:x86
782facb7c135d1488e7a4f180f20cbcf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsFree
GetLogicalDriveStringsA
GetCurrentProcessId
LCMapStringA
EndUpdateResourceA
SetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetPrivateProfileStringA
GlobalAddAtomA
WaitForMultipleObjects
WaitCommEvent
user32
GetWindowThreadProcessId
EnumDesktopsA
TranslateMDISysAccel
MessageBoxExA
gdi32
GetCharWidth32A
CloseFigure
Escape
Sections
.text Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 656B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 172KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data0 Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE