12a5f396f56c60938d707b5bc5f55052_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12a5f396f56c60938d707b5bc5f55052_JaffaCakes118
Size

124KB
MD5

12a5f396f56c60938d707b5bc5f55052
SHA1

7ecbad89c6c29fdfaa739b7b0fd88794fdce48bf
SHA256

08a7829410509b70fde181fcd4d417759cd4fbfdfab08ec0f1d4bd09ce30c349
SHA512

a496b6b326629443f28ddee37765694c41d02f9ad58503b6e80b810c16b139cda938af3d83dfa19d6ae9d658a08ce36534f7427f416a7f98baf14e09c8824aa4
SSDEEP

1536:2NHXO82cwvH5rI1ss2nEQzkM4D6MnFuJb+0nwcH+MK5Y6BOGCWCMCw1Lt7s:2NHe82ZP5U1Cnn9GcZJ5UOMC9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12a5f396f56c60938d707b5bc5f55052_JaffaCakes118

Files

12a5f396f56c60938d707b5bc5f55052_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7f8963908788effa9ef90e6918d50f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommBreak
GetLocaleInfoA
BindIoCompletionCallback
UTRegister
FindFirstChangeNotificationA
GetCommTimeouts
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
GlobalFlags
BackupWrite
GlobalDeleteAtom
lstrcmpi
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.rc5sec0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rc5sec1
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rc5sec2
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rc5sec3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ