128c052ce119157069ed96d543fe3a68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

128c052ce119157069ed96d543fe3a68_JaffaCakes118
Size

25KB
MD5

128c052ce119157069ed96d543fe3a68
SHA1

1fda6f7519fb9bbd10dd16a5520a70f69658489f
SHA256

36725b9645bcb114f1580b62f92e14c84e5dd1fae6e27eadd3c94a33278c0411
SHA512

ff39bb05d79768fd9861fd7eff1bed32fbee4fed5f1de1dab6a076c5a65f65c00c4a7108cab8f280985176544c7368f83c5f79cf1baa9668d8c0f4f4db97d3ea
SSDEEP

384:e0L5by4fX2m/l5AdgFhnpAi/oAZKjG0IKQMOFDn84CR:e4HAdg/npZ/oAZKy0IKQMybw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
128c052ce119157069ed96d543fe3a68_JaffaCakes118

Files

128c052ce119157069ed96d543fe3a68_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0261b8bb13da6c28fd25324c4c3a88b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
FileTimeToDosDateTime
CreateFileA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
VirtualAlloc

user32

ShowCursor

gdi32

GetStockObject

Sections

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ