e76cdfe974d8871587d7629d5f91016e_JaffaCakes118 | Triage

Sharing

General

Target

e76cdfe974d8871587d7629d5f91016e_JaffaCakes118
Size

488KB
MD5

e76cdfe974d8871587d7629d5f91016e
SHA1

2ec05f2616b94803a0c6c858da62a29b057fadc4
SHA256

e1bce6c38cadabe9abc40a69bc77624a96d4ee1f5da4de2de75b66d67d1023d8
SHA512

27a6a006b1ce2c030df036651fcf34407b0890aeb3e3f79a4c9232400bf2986fa66d8e17e8d005e782065be0fa8246ce10d6233e81b4ee4f1152a55c704f9d78
SSDEEP

6144:RF0oJScJ7wDIwK1Tpu1CS7y59KM14vKtcQ4ESgQk370/B7CZP36y22:RFtJScJgInTpEk59D14SuOaCl3tV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e76cdfe974d8871587d7629d5f91016e_JaffaCakes118

Files

e76cdfe974d8871587d7629d5f91016e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c922e147e9f3c3784bdc24731bb4e675

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
GetCurrentThread
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
GetPriorityClass
GetCurrentProcess
GetCommandLineA
lstrcmpiA
DeleteFileA
SetFileAttributesA
lstrcatA
MoveFileA
lstrcpyA
GetShortPathNameA
GetWindowsDirectoryA
GetUserDefaultLangID
GetModuleHandleA
GetStartupInfoA
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
ReadFile
GetFileSize
GetVersionExA
EnumResourceNamesA
SetCurrentDirectoryA
RemoveDirectoryA
GetModuleFileNameA
GetTempPathA
lstrlenA
GetProcAddress
CreateDirectoryA

user32

wsprintfA
CharNextA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 472KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ