Static task: static1
Behavioral task: behavioral1
Sample: e252a760b96e95a21ae99ae725dd1533_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e252a760b96e95a21ae99ae725dd1533_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: e252a760b96e95a21ae99ae725dd1533_JaffaCakes118
Size: 44KB
MD5: e252a760b96e95a21ae99ae725dd1533
SHA1: dc7b0f1a8e23040fa8fef77cd350f58d3bf3b6ca
SHA256: 28de22df268b40c1c99be9464fcb96b6c1fa8c8022c61222e910ded3543a9dbb
SHA512: 7f86727091975deaf5132d1657c8f8227fc54fb0914428ab6898f25148a6ede34fe546fae35207f20cca85eb02f00793fca5aa393658185632745541ce9f7169
SSDEEP: 768:zcJca4VRbuhWj89M9I7WObZPz/ygGbtxFEp3Ow7JOlJVj98DTeT9cRxnYt:zcvgIh7M9TO1zKgQtOew7JOl79yhRF6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e252a760b96e95a21ae99ae725dd1533_JaffaCakes118
Files
e252a760b96e95a21ae99ae725dd1533_JaffaCakes118.exe windows:4 windows x86 arch:x86
332d5b4040ef0b581dc9744cba22b011
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
LoadLibraryA
GetProcAddress
GetNumberOfConsoleFonts
DuplicateHandle
FreeConsole
CreateRemoteThread
GetLastError
DeleteAtom
_hwrite
RaiseException
CreateNamedPipeA
GetCommConfig
RemoveDirectoryA
SetComputerNameA
IsDebuggerPresent
ReadDirectoryChangesW
GetPrivateProfileSectionA
CreateFileMappingW
VirtualProtectEx
ExitThread
SetConsoleTextAttribute
UTRegister
FindNextFileW
IsBadCodePtr
GetCommandLineA
SetConsoleOS2OemFormat
SetLastConsoleEventActive
FatalAppExitW
Heap32Next
GetConsoleOutputCP
GetCommTimeouts
user32
SetCapture
Sections
.text Size: 4KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE