fdab3295c3887a56eb0c2b773aed0b14_JaffaCakes118 | Triage

Sharing

General

Target

fdab3295c3887a56eb0c2b773aed0b14_JaffaCakes118
Size

6KB
MD5

fdab3295c3887a56eb0c2b773aed0b14
SHA1

feee5afc274c7e829484f42538596f0858d0cebb
SHA256

268cb462d234a464e955ec6937bd0869852acf92de8b64ed130c2e880467980b
SHA512

9bf8009456a26a7f2afeff01197d29cee1044b851e71b8d6590fd800af46f3e17271bc85fb1b34964a18a435accd3c716c7ea90a185a21a59d10d68240042448
SSDEEP

96:wzssjFQoMcEA7d5DdglHxXqaRrcY0zS8Ev0O4gPL:oZQoMpsdkxRrc+8W1PL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdab3295c3887a56eb0c2b773aed0b14_JaffaCakes118

Files

fdab3295c3887a56eb0c2b773aed0b14_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12cab689e1c6b0fbae779e1de6397f27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekConsoleInputW
QueryDosDeviceW
EnumTimeFormatsA
GetConsoleCommandHistoryA
GetFullPathNameA
FillConsoleOutputCharacterA

user32

IsCharAlphaNumericW
IsCharAlphaA
CreateDialogIndirectParamA
TabbedTextOutA
SetPropA
CreateDialogIndirectParamA

gdi32

CopyMetaFileW
GetCharWidthA
StartDocA
EnumFontFamiliesA
AddFontResourceExW
GetCharABCWidthsFloatA
GetLogColorSpaceW

Sections

.data?
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 679B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ