f139ee5996ef267e438923d0f25ccf77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f139ee5996ef267e438923d0f25ccf77_JaffaCakes118
Size

69KB
MD5

f139ee5996ef267e438923d0f25ccf77
SHA1

1e3465b6a6e4760441c18c2f2b98a4e0a601e4fd
SHA256

a9cb53a0fe8e99626b652a3e1be27463db07a8eccee30290d60b48164b8ab87b
SHA512

d92d2f2254b158a9aea0edd816e3101e776e8ac4ca55060bdbca9f6ce7f4d47fa9a419bdac8ee6190e1cdb4b70013df0736dee2c82916caff184514eeb37d636
SSDEEP

1536:R1Riz+k00qZttZEr+1p7jHpGtj8/vfQxq/S59Z8UG9S/aW:Rk/AttZEiT7jJGtj8/vfQxq/oZxTaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f139ee5996ef267e438923d0f25ccf77_JaffaCakes118

Files

f139ee5996ef267e438923d0f25ccf77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38357874950427565e010c256d9117eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
CreateFileA
WriteConsoleW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
RtlUnwind
LoadLibraryA
InterlockedExchange
LCMapStringW
LCMapStringA
WriteFile
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount

msvcrt

_initterm
_iob
pow
fprintf
?terminate@@YAXXZ
free
exp
_initterm
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

msvfw32

ICInfo
ICOpen
ICSendMessage
ICClose
ICGetInfo

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE