01e3b6f85c20fa0866f520bc2e081223_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01e3b6f85c20fa0866f520bc2e081223_JaffaCakes118
Size

102KB
MD5

01e3b6f85c20fa0866f520bc2e081223
SHA1

bf9569163c72dbd896d673f717e956b4b33c202b
SHA256

a13ad5305ad231e18f36478bc854f03a7cefda349602d8360dcf02e427d160cb
SHA512

7b16f66ea1fdbaccb228e98f359a7fa8c3244ea358c8cffeeaf9f32d7e3498872797c7b6aeccef54881ae36130370b1e02402b15a8bf288f00cf6bec3d4fa476
SSDEEP

1536:xK4XQiuNSZ+4mGiJyK+MBuLMpG2YavP5n4kA0przGitdJbPsuLvwg:cips/yMo8P54kAkrzGihrsmwg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01e3b6f85c20fa0866f520bc2e081223_JaffaCakes118

Files

01e3b6f85c20fa0866f520bc2e081223_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94a9c0a5bb69d55c86cbc4078c9aefe0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
HeapFree
ResumeThread
GetACP
SetStdHandle
GetTickCount
VirtualAlloc
TlsGetValue
SetConsoleCP
HeapAlloc
VirtualProtect
RemoveDirectoryW
InterlockedExchange
GetVersion
GetOEMCP
IsBadWritePtr
SetEvent
UnhandledExceptionFilter
GetModuleHandleA
ExitProcess
WriteFile
DeleteFileW
UnmapViewOfFile
GetStdHandle
GetFileAttributesA
Sleep
LoadResource
GetVersionExA
MultiByteToWideChar
GetStartupInfoA
LoadLibraryW
GetCurrentThread
EnterCriticalSection
OutputDebugStringA
DeleteCriticalSection
InterlockedCompareExchange
HeapDestroy

user32

EnableMenuItem
GetParent
ScreenToClient
GetDC
CallNextHookEx
ReleaseCapture
SendMessageW
CharUpperW
CopyRect
MoveWindow
GetCursorPos

msvcrt

??_V@YAXPAX@Z
__dllonexit
_lock
_XcptFilter

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ