30649c15a7d520b7d6f268b841024ec1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30649c15a7d520b7d6f268b841024ec1_JaffaCakes118
Size

151KB
MD5

30649c15a7d520b7d6f268b841024ec1
SHA1

74ccdf7b513262efdec3859eabb92fa60a5dbc19
SHA256

941048de657dcfdbca83e411bf599ae38caf1635d8333556513484d46a3b13cc
SHA512

42c36b06fbe2f797f8c4f84c8d6a67712baa9ba50e20c5ca01989efd89b915d9f7ed97232eab91feb1c59727079493e86b7dececfd2e479f319e6adef6a74155
SSDEEP

3072:sN5K1AB9+OXh04OA6ftTHJ/OtOe1T9j2f6wrM1M2iUCg9xKe13koc6P:sN81k9vb5yHJUOe1TY1r189x9q/6P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30649c15a7d520b7d6f268b841024ec1_JaffaCakes118

Files

30649c15a7d520b7d6f268b841024ec1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0645399a0ca0c4608617bfebb2dd964b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TransmitCommChar
GetModuleHandleA
GetConsoleCursorInfo
SetSystemTime
FindFirstFileA
GetStartupInfoA
FileTimeToLocalFileTime
EnumCalendarInfoExA
ExitThread
TransactNamedPipe
GetBinaryTypeA
GetCurrentProcessId
GetCommandLineA
DeleteCriticalSection
FindFirstFileExA
MoveFileExA

user32

GetCursorPos
EnumDisplaySettingsW
FlashWindowEx
CheckMenuItem
MessageBeep
TrackPopupMenu
GetWindowTextW
CreateWindowExA

msvcrt

_adjust_fdiv
_acmdln
__p__fmode
__getmainargs
_except_handler3
_initterm
_exit
exit
__p__commode
_XcptFilter
_controlfp
__setusermatherr
memcpy
__set_app_type

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ