f1d14d605899cb54b22c178ae3f48118_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1d14d605899cb54b22c178ae3f48118_JaffaCakes118
Size

44KB
MD5

f1d14d605899cb54b22c178ae3f48118
SHA1

479eb6e32b8da34ff12142bfc0e8127bcc5fdc87
SHA256

233dbba6a311f59f4b5bbf46c9f0e37d24ff1cff9c8f282a2e5b7a54cdfb9164
SHA512

22696841e36e50ade87d707a5df075841f4885fa7886d6807e1768eda32e5e6ec3320094de10b49d28ec4813b4b361d95ef60e32ebc309b8d346494bb31ae2a7
SSDEEP

768:3QAexzIskNHAbG6g8TTb/p44sosg9R1y56hToJ:3gkH6tTHRiJg9RUeoJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1d14d605899cb54b22c178ae3f48118_JaffaCakes118

Files

f1d14d605899cb54b22c178ae3f48118_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4881b4133c539c1cbdf4d96c0f093d79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetThreadLocale
ReadFile
CreateFileA
GetLastError
SetErrorMode
lstrcpynA
GetACP
GetStringTypeA
LCMapStringW
LoadLibraryA
lstrcpyA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
GetStringTypeW

user32

GetKeyState

gdi32

SetPixel
IntersectClipRect

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE