fed041e974d5cdb5a55012874264dc4b_JaffaCakes118 | Triage

Sharing

General

Target

fed041e974d5cdb5a55012874264dc4b_JaffaCakes118
Size

29KB
MD5

fed041e974d5cdb5a55012874264dc4b
SHA1

632ce31558a6bc1fa7f6194aed512a20ecfd1290
SHA256

e9b06fd38a17825fcaf1269f7dd5ca3314897e6f43945a247803243beb038f72
SHA512

2c5d88ef5294b1fc89762a121e63fe26e6696e12ddc447088190cc5240bf00d5678a7d2c3cfaa0e22866e66de825e353ae89b74c35a467664fb18ea8f61acf8e
SSDEEP

768:cD290g8/6YA/Zu0rXIegEM4FFj6/9TPmg:a2igsoBYGFj6/9Teg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fed041e974d5cdb5a55012874264dc4b_JaffaCakes118

Files

fed041e974d5cdb5a55012874264dc4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

533ba2eced170512b9ae6fbe87ef5e6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
FlushInstructionCache
GetExitCodeProcess
GetLocalTime
Beep
GetProcessTimes
SystemTimeToTzSpecificLocalTime
AllocateUserPhysicalPages
FindResourceW
VerifyConsoleIoHandle
SetFileApisToOEM
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.code
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ