f1088f4c53ab460f905febe67cd6af24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1088f4c53ab460f905febe67cd6af24_JaffaCakes118
Size

348KB
MD5

f1088f4c53ab460f905febe67cd6af24
SHA1

c7a41e31a8fbbcc31489371bfe694d7413b98158
SHA256

48631711262e66ac8b749bed9035f62cd94c3b0d7f9c60eaeb1b07e559f844f9
SHA512

463dff75e3b55b2db3a7944f8d222758a3cc7fbd2466b683255db58c650456636a2380502c6318b9bb40b158263487cbda72268f471ce8ee5860f6b18b772712
SSDEEP

6144:6HdmIY6yH9AI30DpTzazoUSUhQqbm46yy1/ZUxEFi8AkKwl+wd8Vt:6HdxY6ydAI30tScHUBbm46T1G6FigKw6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1088f4c53ab460f905febe67cd6af24_JaffaCakes118

Files

f1088f4c53ab460f905febe67cd6af24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cf43237e642f6bdcec2637d401a8ff3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LocalLock
GetSystemTime
GetSystemDirectoryA
GetLastError
VirtualFree
CloseHandle
UnmapViewOfFile
lstrlenA
GetModuleHandleA
WaitForSingleObject
GetProcAddress
HeapDestroy
GetCommandLineA

user32

wsprintfA

advapi32

AddAce
CopySid

ole32

CoUninitialize

avifil32

AVIStreamCreate

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 755KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ