414acf0c5bf889db32dcd208ee2e493a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

414acf0c5bf889db32dcd208ee2e493a_JaffaCakes118
Size

132KB
MD5

414acf0c5bf889db32dcd208ee2e493a
SHA1

644feeefff171d0835d56aa0f9d415949af59fba
SHA256

de04ebd21c4c39e780a2b2e96a8eb437497eadb1fa42deea306298d215434098
SHA512

f5316e84e72ace674cb5d48cf5ea00e617fb025b457c6cb7ccbb1b9aef8ea42a5ca3049c07ed83a24d1d05551153507d4dc118a5c75ce6dded2ed666d1d0f62d
SSDEEP

3072:9t9MO605axkACR4yFaoUltE7r8N8/4OuEzIhM+C3JU:9t940UxkdsoUlCXIgmXhM+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
414acf0c5bf889db32dcd208ee2e493a_JaffaCakes118

Files

414acf0c5bf889db32dcd208ee2e493a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f827b3db1a0b7b4caa21dae037df5ba3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
EnumResourceLanguagesA
SetProcessAffinityMask
ReleaseSemaphore
AddAtomA
DosDateTimeToFileTime
CreateTimerQueue
EnumCalendarInfoExA
DisableThreadLibraryCalls
GetModuleHandleW
GetNamedPipeHandleStateA
GlobalUnlock
GetTempFileNameW
CancelTimerQueueTimer
GetThreadSelectorEntry
TransactNamedPipe
EnumSystemCodePagesW
BeginUpdateResourceA
WaitForSingleObject
GetEnvironmentStrings
GetConsoleTitleA
ExpungeConsoleCommandHistoryW
CommConfigDialogW
SetVolumeMountPointW
GetConsoleAliasesLengthA
LoadLibraryW
WriteConsoleOutputW
GetOverlappedResult

Sections

code
Size: 8KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ