Static task: static1
Behavioral task: behavioral1
  Sample: 10f8fb075321e9e4b6e359ca4dd22431_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 10f8fb075321e9e4b6e359ca4dd22431_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 10f8fb075321e9e4b6e359ca4dd22431_JaffaCakes118
Size: 1.2MB
MD5: 10f8fb075321e9e4b6e359ca4dd22431
SHA1: f90c422142d9d05e44bf42bd971c93396e2ef4e0
SHA256: 79b118ae98da7745af46b64d1ada2e5aca2ac201b56b801fae5c6b01a6fd3c3e
SHA512: b788f59e425af9f7438df203e3dc057875d3b68b47ae48034f3c23d22955f383c38976b15f03e38f3f979776c0aafc0a3214653121f1c8bf9205bcc643fb08ae
SSDEEP: 24576:PCPWKfD7Pz04I2QLbzjuXxpSzRMRPCTokLRRNyuJv:m5nz0BbzK+dlUWIO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 10f8fb075321e9e4b6e359ca4dd22431_JaffaCakes118
Files
10f8fb075321e9e4b6e359ca4dd22431_JaffaCakes118.exe windows:4 windows x86 arch:x86
46a858d88c051440eb80f88eee0affe8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemDirectoryA
GetConsoleAliasesLengthA
GetFileInformationByHandle
GetConsoleCommandHistoryLengthW
DeviceIoControl
ReadConsoleOutputAttribute
OpenThread
ReadConsoleOutputA
GetFullPathNameA
CreateProcessA
CallNamedPipeA
SetLocaleInfoA
EnumSystemLocalesA
RtlMoveMemory
VirtualAlloc
RaiseException
OpenJobObjectA
EnumTimeFormatsA
SetPriorityClass
SetEvent
EnumSystemCodePagesA
SetConsoleCursorMode
GetModuleHandleA
CreateNamedPipeA
dpmodemx
SPInit
advapi32
CredMarshalCredentialW
CredUnmarshalCredentialA
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 646KB - Virtual size: 1004KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 320KB - Virtual size: 319KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ