00e797056201c3f8d761704e8dc209df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00e797056201c3f8d761704e8dc209df_JaffaCakes118
Size

116KB
MD5

00e797056201c3f8d761704e8dc209df
SHA1

e4633b1b4122f0f281c2ba6c2e36de53fc2e15df
SHA256

0a29ed61596cec62e92186eed1353048bf43e7421175ca96764ea421541180eb
SHA512

7fd1a08d48de1fa15df87d3b69bfb2e0e67ae48337a183de0e4fe9a5a4a61be7293d3f96cc09002bb43c3e62047668c5b0166ef161d4c49ab3b360336a390399
SSDEEP

768:jt9sHlXG+SH0OhJ1UmYxMsbbgULONs7L/4MS8QW0VnjHIn+R9VaXQikK3:jt9ChO0RvHLMcLwb8QWKnjHX+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00e797056201c3f8d761704e8dc209df_JaffaCakes118

Files

00e797056201c3f8d761704e8dc209df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77c0120542e00ee96f255df82ce3e6c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32ListFirst
SetCalendarInfoW
WritePrivateProfileStringW
FindNextFileW
ReadConsoleOutputW
CloseHandle
lstrcpyn
GetStdHandle
SetConsoleNumberOfCommandsW
CreateSemaphoreW
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

CODE
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE