Static task
static1
Behavioral task
behavioral1
Sample
f99c2b5eaf27b27729592934059e4973_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f99c2b5eaf27b27729592934059e4973_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
f99c2b5eaf27b27729592934059e4973_JaffaCakes118
Size
105KB
MD5
f99c2b5eaf27b27729592934059e4973
SHA1
0f207cc032cdcc9b5a2d9882e0f04032ed7c4323
SHA256
42136fdbea0c298668fb945a4a194c983683f14700922a997042ed17a2cf0423
SHA512
c35ca20b414a6e91e968fea226783e2c2de98fc31aa924384761944c4e6c6ed75bcb16cc759ca206b4bbadcfba016dffd793aaca61d69788fe53260f5d544987
SSDEEP
3072:B95M7vmwRTOSoaiUqWTjDO7p5LWmhGxlzC:iyAiS7iUqKHO95LWmIxl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f99c2b5eaf27b27729592934059e4973_JaffaCakes118
Files
f99c2b5eaf27b27729592934059e4973_JaffaCakes118.exe windows:5 windows x86 arch:x86
6cfbf3e2a04ac5154c9f117ad6e1773e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
HeapAlloc
HeapFree
GetProcessHeap
HeapCreate
GetModuleHandleA
ReleaseMutex
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
IsDebuggerPresent
TerminateProcess
VirtualQuery
RtlUnwind
user32
LoadIconA
BeginDeferWindowPos
DestroyIcon
LoadMenuIndirectA
shell32
SHGetFolderPathA
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ