3accdf8c034cc9e5956aed52ea874d9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3accdf8c034cc9e5956aed52ea874d9a_JaffaCakes118
Size

230KB
MD5

3accdf8c034cc9e5956aed52ea874d9a
SHA1

39cf36746535ab8c32076c8b7b2819ea9cdd04c1
SHA256

d2983c6e92b940f514c56d3cf21cc48b645d888a91c50726e87fbf7a0a5675cb
SHA512

d8c32c3388bac571febb2d23ddd7de970847c4b913cff814c90f24b08c48147fd3b165feadfff5e110954b868e1c96925cab72314ac3689d9e3a0f8decc3b8cf
SSDEEP

6144:bU1SW4E3LxL79h0nesDFf9w9cHL6CuIGG70LLh:bUoE9z0JDtmIGG2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3accdf8c034cc9e5956aed52ea874d9a_JaffaCakes118

Files

3accdf8c034cc9e5956aed52ea874d9a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6b4d4a92019e6bfc8fe62a407caf477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleOutputCharacterA
GetDiskFreeSpaceA
UpdateResourceA
SearchPathA
GetEnvironmentStrings
GetNumberFormatW
LocalReAlloc
SetConsoleCursorPosition
GlobalWire
GetProcessWorkingSetSize
GetDefaultCommConfigA
GetThreadPriorityBoost
CreateMutexW

user32

EnumDesktopsW
DestroyCaret
HideCaret
IsZoomed
DestroyAcceleratorTable
DdeClientTransaction
GetActiveWindow
SetClipboardData
SetPropW
wvsprintfA
SetScrollInfo

gdi32

EnumFontFamiliesExW
GetBkMode
Polyline
AbortPath
RealizePalette
GetGlyphOutlineA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE