463a9e1722413f4a7178aa9dd1dec905_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

463a9e1722413f4a7178aa9dd1dec905_JaffaCakes118
Size

67KB
MD5

463a9e1722413f4a7178aa9dd1dec905
SHA1

409bb168dddec84402374c3aa8b4089ebfcfae2d
SHA256

02c8482251d4078d67d0b2b0f472087701cf92f935425dee8c25ec652835cc27
SHA512

c76769615789402731f4f65b430ba09e852a9adb3d5eb4796f8cbcd3a15b2e4b3d8b0e2ac8b825ed9dbe5f946cebc24d7dd4926003bbbad25e8e9f0b359c3073
SSDEEP

1536:/D4oiDdM94Yx5rKGPiFE8a2krhusQGtZ/BPI1hF6XOCu:7Ti564UUFEbxrhulGL/ZInF6et

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
463a9e1722413f4a7178aa9dd1dec905_JaffaCakes118

Files

463a9e1722413f4a7178aa9dd1dec905_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c4b5e69df6807557af2277564ec2fc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
RequestWakeupLatency
SetConsoleNumberOfCommandsW
OpenSemaphoreW
GlobalWire
OutputDebugStringW
GetProcessHeap
GlobalMemoryStatus
Heap32Next
GetNamedPipeInfo
ExpandEnvironmentStringsA
GetPrivateProfileSectionA
VerLanguageNameA
GlobalUnWire
lstrcmpA
SetComputerNameExA
RtlZeroMemory
FindAtomA
GetSystemDirectoryA
SetCommTimeouts
GetFileType
SetThreadExecutionState
GetConsoleKeyboardLayoutNameW
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

Lhjhdus
OpenAyhbxai

Sections

.text
Size: 4KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ