1286dd082448ed212f4e6399bd5dd571_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1286dd082448ed212f4e6399bd5dd571_JaffaCakes118
Size

26KB
MD5

1286dd082448ed212f4e6399bd5dd571
SHA1

ac586fe57a50a82014add5a1f2b740987d46a92c
SHA256

df0d73b33a9511f925c9fad118e210fa8941bf6cdac39a8c31bc971344522001
SHA512

26e1f503869a12273d954d5dbfaff5f0e80be862618d5751ab71bc678a069f16dbb99e5028a77360f1c549b000a091ec61178088a2fc6bf6ded59bfd91aa99cf
SSDEEP

768:9KTPWz6SRsa05N1vDUAh9qFr7VqSlSHIyIhGfl+:muzJx053GrMlTZfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1286dd082448ed212f4e6399bd5dd571_JaffaCakes118

Files

1286dd082448ed212f4e6399bd5dd571_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33c3c9df13dd0ff30a7b28bb670bae8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
FreeEnvironmentStringsW
EnumResourceTypesW
ReadProcessMemory
FindVolumeClose
Process32First
OpenDataFile
WriteProfileStringW
MoveFileA
VDMConsoleOperation
SetSystemTime
lstrcmpiA
GetConsoleTitleA
GetLinguistLangSize

user32

FlashWindow
EqualRect
InvalidateRect
EnableScrollBar
SetCapture
SetClassWord
GetClassInfoA
GetWinStationInfo
CreateAcceleratorTableA
DeregisterShellHookWindow
IsWindowInDestroy

Sections

.text
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 649B - Virtual size: 649B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ