eb29f85dcca41a08d498c566a7087c77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb29f85dcca41a08d498c566a7087c77_JaffaCakes118
Size

177KB
MD5

eb29f85dcca41a08d498c566a7087c77
SHA1

25202a532745337229a2447fe8397b2e34961436
SHA256

d7e375112bc908e142fbaba9b4d808056fb8c89022cc2af97fbc696134af08bb
SHA512

6f47a9f15f98825d44a76b9ead4f414fb56f4c3feb6d964ed95c6c3c382b9a98a08a2bb454020314d2b2df0fb20f81b7aa38987edee026a3a2a42a34c7e960ae
SSDEEP

3072:Z+Xt5DPZ8zfZTAdud/6yEEfdVB03v4V5nE7T48h7HgIlXIubkpuVlETFAZy+S/:EXzPybZTAdudfEEfd03vsn+T4w7AIlX2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb29f85dcca41a08d498c566a7087c77_JaffaCakes118

Files

eb29f85dcca41a08d498c566a7087c77_JaffaCakes118
.exe windows:1 windows x86 arch:x86

87ff337e096f0b8cf71cf9eb570ccf7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
FatalAppExitA
UnlockFile
GetCurrentDirectoryA
HeapFree
VirtualAlloc
GetDriveTypeA
GetThreadIOPendingFlag
LZCloseFile
GetFileTime
FlushFileBuffers
IsDebuggerPresent
GetConsoleAliasesA
GetConsoleAliasExesLengthA
SetFileAttributesA
GetPriorityClass
SetConsoleTitleA
FindNextVolumeMountPointA
FillConsoleOutputAttribute
GetThreadLocale
LocalLock

ntdll

RtlGetLastWin32Error

advapi32

RegQueryInfoKeyW
AddAce

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ