ff296bc105dd313acb0613d0a570b791_JaffaCakes118 | Triage

Sharing

General

Target

ff296bc105dd313acb0613d0a570b791_JaffaCakes118
Size

28KB
MD5

ff296bc105dd313acb0613d0a570b791
SHA1

e4cbd159e1d21c0529f2e0225d19f94427de29ce
SHA256

5a11c5691a46eb13c077572df4c2e4cfd1b3712afe2495bcfbdd581023d1ddc6
SHA512

e3a0ff31ac2e00a6d7256745b5d743c5e5cc812112fa4fbc41e188af8e9b85828a67fb5ee3f110f45f64b5621a5a0d66ac8bda4022ccafbd6358ec427d695b11
SSDEEP

384:Zs7hEkELnlS6aQA2rYEyAZ9XO5gC8VKx5c8vzB6S3PZWJHlh1thyFMmyKBQ:ZuhhIlSMYEv9XO5gDwlPwh13yF/yKB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff296bc105dd313acb0613d0a570b791_JaffaCakes118

Files

ff296bc105dd313acb0613d0a570b791_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c408435cd8020b2d859d5413c5e6cb0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
SetConsoleMode
GetProcessIoCounters
FindFirstFileExW
FindFirstVolumeMountPointA
UnlockFile
GetVersionExA
DuplicateHandle
IsBadWritePtr
GetFileSize
GetNumberOfConsoleMouseButtons
FlushViewOfFile
CommConfigDialogA
FindResourceA
WriteProfileStringA
GlobalDeleteAtom
GetTickCount
EnumSystemLocalesA
GetTempPathA
AddAtomA
GetConsoleCommandHistoryA
VirtualAllocEx
GetComputerNameA
CreateSocketHandle
IsBadCodePtr
SetThreadContext
GetThreadIOPendingFlag
GetTimeZoneInformation
EnumUILanguagesA
GetConsoleCP
MultiByteToWideChar
WaitForMultipleObjectsEx
lstrlenA
SetDefaultCommConfigA
AllocConsole
OpenMutexA
GetFileAttributesExA
GetDateFormatA
GetCommModemStatus
SetDllDirectoryA
lstrcatA
GlobalDeleteAtom
SetFirmwareEnvironmentVariableA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ