Static task
static1
Behavioral task
behavioral1
Sample
747122a855497c74422850573cbc5685_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
747122a855497c74422850573cbc5685_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
747122a855497c74422850573cbc5685_JaffaCakes118
Size
26KB
MD5
747122a855497c74422850573cbc5685
SHA1
62dcb2e8eaba5b23d7c776c1ebf33dd91a6246a0
SHA256
e411233f75a20c1cfdee7da17e4f755c2419860fc66323fa0e0ad5423ed83c8b
SHA512
7113cf185d8f602c80d48348ea03530497ceaa2b6cab9b6247451ce0785f2dd10fc290cafd44a94be97019ccde66e209742ac7d73f7469ebc43b62e6a5c700c1
SSDEEP
384:mEZkcWTC5RXUBv4G7NSJYtB/culz7TTc3YlzDcnkRwOw6mO66QOhKJUVE4pDBtDk:mEZkcHRX0hN28Cul/rzDzRw13JoE4pb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 747122a855497c74422850573cbc5685_JaffaCakes118
Files
747122a855497c74422850573cbc5685_JaffaCakes118.exe windows:5 windows x86 arch:x86
fa7772fc1bce4ae3612d4ad4cf78376b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
StrToIntA
StrStrIA
kernel32
GetNativeSystemInfo
HeapFree
HeapAlloc
GetCommandLineA
SetCurrentDirectoryW
OutputDebugStringA
Sleep
ExitProcess
CreateProcessW
GetSystemDirectoryW
lstrcatW
LoadLibraryA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessHeap
msvcrt
memset
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
bss Size: - Virtual size: 1KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 954B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE