f52d0b903732a824a02d996cad4f2b59_JaffaCakes118 | Triage

Sharing

General

Target

f52d0b903732a824a02d996cad4f2b59_JaffaCakes118
Size

180KB
MD5

f52d0b903732a824a02d996cad4f2b59
SHA1

9d84688909b5ccb27c1de0c5d70664bbe81a15eb
SHA256

96c00cf2e78e1c3ffa1166654ca8611d3ca2e7eeb974ed2bbe0d74c3882cf7bc
SHA512

ab64966642df8b50b22e5604232f53731fb51018a8b9f8091767227c4724d07fe3e98a6ef4cccdaefbb08b1daff95bf88d535df04102ec9c4b3296871d1b69a5
SSDEEP

3072:lI6WOY0nggo8sp2EkHXlebBMQ8FD+MV2gg3PE+M8buLjjblUEZa:lI6WV0Do8m2EkQzM0gg3PE9Hjb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f52d0b903732a824a02d996cad4f2b59_JaffaCakes118

Files

f52d0b903732a824a02d996cad4f2b59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0c1acbbbcd1c41025c6a9200dec2368

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
GetProcessHeaps
ExitProcess
SetConsoleHardwareState
SetLocalTime
DeviceIoControl
GetModuleHandleA
HeapQueryInformation
CreateMutexA
GetProcessHandleCount
OpenJobObjectA
FreeEnvironmentStringsA
GetCommandLineA
InterlockedExchange
FindFirstChangeNotificationA
SetupComm
GetCommandLineA
VirtualAlloc
Process32First
LocalShrink
GetConsoleOutputCP
IsValidLanguageGroup
GetSystemTime
GetExitCodeThread
GetConsoleAliasExesW
GetThreadContext
LocalLock
DeviceIoControl

ws2_32

recv

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 156KB - Virtual size: 805KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ