ecf0561cfa4a3c3bc83a3eb29277e6ab_JaffaCakes118 | Triage

Sharing

General

Target

ecf0561cfa4a3c3bc83a3eb29277e6ab_JaffaCakes118
Size

40KB
MD5

ecf0561cfa4a3c3bc83a3eb29277e6ab
SHA1

48b9c703b35271b65775ab915c8330dd0aefe10b
SHA256

6a28f5a5a058441eeb57bb21d92d8784e84f3d3daa12f8d69ab3565e8174926b
SHA512

231f1c94aef30ca619a53040342d3ed4d949dc2677fc672d998262839a5d5f5b55bea54d67d67976f9129e4f24a475fa07abd14862433609ee5de43184b27e78
SSDEEP

768:BXho4ICjUkTV9+Q50BYUkEhQ3YotaiIexsgQ21LfME3Tt+:fUMV9+QiYEhboIULkMt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecf0561cfa4a3c3bc83a3eb29277e6ab_JaffaCakes118

Files

ecf0561cfa4a3c3bc83a3eb29277e6ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

617aa9d9faeefc1471dac20f565d68f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GlobalCompact
GetProcAddress
GlobalAlloc
GlobalAddAtomA
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
GetBinaryTypeA
GetCPInfo
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties

Sections

.code
Size: 37KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_READ