f500121a4c1b6cc8db42f94fe0088676_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f500121a4c1b6cc8db42f94fe0088676_JaffaCakes118
Size

31KB
MD5

f500121a4c1b6cc8db42f94fe0088676
SHA1

6e67c3894cb2ab67c678692e720b1986bd78b1a8
SHA256

77db29667a59f4c5e858b6e58ac36cb42ea1b67a5e944808dcbab6fe255bf621
SHA512

e3c563698a8ea56964fde74a5a91f8ec4588bf064e2e0cd31ea3add7a6f9b363c88fcaa04d37a2a8f9b271b7d32557a65e8ce8d027bf1eeed9c76314a6cc0bb0
SSDEEP

768:Gyvdn3XERsJgbgNlZgZhtyJkrkeuRCm0QbpK/r5UF+LKbuZ:VGbklWbOkrK4/r5UF+LKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f500121a4c1b6cc8db42f94fe0088676_JaffaCakes118

Files

f500121a4c1b6cc8db42f94fe0088676_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72455c440f3d6c718b7546796dbaff6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStructA
SetConsoleMaximumWindowSize
WriteProfileStringW
SetCommState
DeleteVolumeMountPointA
GetComputerNameA
SetFileAttributesW
SetErrorMode
WriteProfileStringW
SetHandleInformation
GetCommandLineA
SetThreadPriority
QueueUserAPC
AddConsoleAliasA
SetThreadIdealProcessor
SetProcessPriorityBoost
SetConsoleTitleW
DeleteCriticalSection
GetThreadSelectorEntry
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ