0193c2aba900ae5a84f43a9ac567ead8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0193c2aba900ae5a84f43a9ac567ead8_JaffaCakes118
Size

26KB
MD5

0193c2aba900ae5a84f43a9ac567ead8
SHA1

15b26999ac7eaca6ee8e251ca4f080ff91d18fdb
SHA256

0135fff0feeacb3468cc405b48259bea3a937a50c4d53766378595edba1f7961
SHA512

86fbc25e3c8c44eb70e7329398f0a8d3c3ac05406ca6c3e452a323a089b7f67b09829cb1c55bde95d9c75f286b6f13cc984b1190b64aafe9334dc6636ba23620
SSDEEP

384:CZoc4n9T+TJKoDlU36dobGsudZ7R+4XvTZe3mgMz:CZoc8+hKd7QPXvA3mg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0193c2aba900ae5a84f43a9ac567ead8_JaffaCakes118

Files

0193c2aba900ae5a84f43a9ac567ead8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

118089d1b63b0f880e42e2ad61f640c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
DeleteFileA
CopyFileA
GetTempFileNameA
GetTempPathA
FreeLibrary
SetErrorMode
GetProcAddress
LoadLibraryA
MultiByteToWideChar
FreeEnvironmentStringsA
VirtualAlloc
HeapAlloc
GetLastError
GetFileAttributesA
ExitProcess
TerminateProcess
GetCurrentProcess
SetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCPInfo
GetPrivateProfileStringA
GetOEMCP
UnhandledExceptionFilter
GetModuleFileNameA
GetStringTypeW
HeapFree
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
LCMapStringA
LCMapStringW
GetStringTypeA

user32

GetTopWindow
MessageBoxA
wsprintfA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE