09d9f490b1c814b558282c09696d9011_JaffaCakes118 | Triage

Sharing

General

Target

09d9f490b1c814b558282c09696d9011_JaffaCakes118
Size

1.1MB
MD5

09d9f490b1c814b558282c09696d9011
SHA1

865e40589b936dfa057e680afb5734bd57e42347
SHA256

1d2a60bc3fcd25130bbbede31cbc6542dab5afeb539dcdebb350bf0b6b1a3670
SHA512

8a669bf55863382aa8be1a6f7f6a439878e056cb6c059e655f3199a63eb17087f63faba67b91b3df7be030c22784b3e14ef2b91270afbd1652d0e1d72be9ce87
SSDEEP

12288:JuukaJCSbLECuX+KKYFlLWUFisOSJ5anMz977oFfKoagR1FnAOwBK9QkWl0cMv0P:ocCdC0LWUAsOS6nhgaR1Pt2kWlxMgO3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09d9f490b1c814b558282c09696d9011_JaffaCakes118

Files

09d9f490b1c814b558282c09696d9011_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a40a7463eac04b60631d9725f1c27ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetSystemDefaultLCID
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetCommandLineA
GetCurrentProcess
GetSystemDefaultLangID
GetCommandLineW
GetUserDefaultLangID
GetUserDefaultLCID
GetCurrentProcessId
GetVersion
HeapAlloc
GetProcessHeap
GetStdHandle
GetFileAttributesW
Sleep
TlsGetValue
UnhandledExceptionFilter
QueryPerformanceCounter
LoadResource
InitializeCriticalSection
LCMapStringA
CreateProcessA
EnterCriticalSection
HeapFree

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 818B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 783KB - Virtual size: 783KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/DIALOG/102
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4
.rsrc/MANIFEST/1
.xml
.text
[0]
[1]
[2]