f166950dce890ab9c80320df35ba636b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f166950dce890ab9c80320df35ba636b_JaffaCakes118
Size

343KB
MD5

f166950dce890ab9c80320df35ba636b
SHA1

c507ef62d1a55c7fb9de83401786af336d4c70b0
SHA256

746e1cdcfa7f57101d5887ff1709c0ef0d86f1c632d4061e7696c93685a0d7ab
SHA512

f8d99416afe9fffdab8cd26688b9f1a49c91e09a153b40e455091c344585ac6e1c2f327c7d2cca90e1bb89341bdc173124e03898e2a10ac41219d7a3f6bb4ac0
SSDEEP

6144:UF7r8zNvj93r6XWw7zzX1jUu84lh82tYPsr+pWEXcOSDMQ:UrmLVrSW6R84lu2tYc+pHnSDMQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f166950dce890ab9c80320df35ba636b_JaffaCakes118

Files

f166950dce890ab9c80320df35ba636b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 286KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 44KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE