Static task
static1
Behavioral task
behavioral1
Sample
39a68c1266d3e97522a41ac4dbbe7e13_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
39a68c1266d3e97522a41ac4dbbe7e13_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 39a68c1266d3e97522a41ac4dbbe7e13_JaffaCakes118
Size: 212KB
MD5: 39a68c1266d3e97522a41ac4dbbe7e13
SHA1: 13b243bd5d2f96c34e97b05be655fa4ba909b403
SHA256: bd1ef2cdb42c77366511f514626ad707a632302922daaf54f578f5f50783de36
SHA512: 251a98e67b10f7241bfb3a67345ae3bb5c1d6a329aac4b1236d732532487306e5c1e055f3c1a23488495bbb9ed8fe102ddc6573407756a5d4ee25769419da67b
SSDEEP: 3072:RNkP/UPcsJ5wskhNYgPSMcy+vbug3QIHDUcIvRc8n:YXsHpkhNYiSvy+viGQeJIZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 39a68c1266d3e97522a41ac4dbbe7e13_JaffaCakes118
Files
39a68c1266d3e97522a41ac4dbbe7e13_JaffaCakes118.exe windows:4 windows x86 arch:x86
f6e5c05b27d86ccd7777388aa792c126
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetConsoleInputWaitHandle
OpenMutexA
GlobalMemoryStatusEx
GetDriveTypeA
MapViewOfFile
GetProcessId
GetCurrentThread
lstrlenA
InterlockedDecrement
IsValidLocale
ReadConsoleOutputAttribute
SetThreadAffinityMask
GetConsoleTitleA
OpenThread
GlobalSize
SetConsoleTitleA
RemoveDirectoryA
GetThreadLocale
VirtualAlloc
Process32First
IsValidLocale
GetComputerNameExA
GetNumberOfConsoleFonts
CancelWaitableTimer
GetStartupInfoA
WriteConsoleInputA
AddAtomA
gdi32
SetViewportOrgEx
shell32
SHGetSpecialFolderPathA
winmm
timeGetTime
timeBeginPeriod
Sections
.idata Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 200KB - Virtual size: 480KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ