09c8b2352f273cd3812e87df744221de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09c8b2352f273cd3812e87df744221de_JaffaCakes118
Size

168KB
MD5

09c8b2352f273cd3812e87df744221de
SHA1

995bb00210f2777e61f5324f11a2aa5ec17a2687
SHA256

701263b7db559f2d2e5c2ef3a2ba1b59a4e5a9f0b82f2a919a7de5eadd87635c
SHA512

a9fce9592b0bdca9679cff9d6bcf6f56898fbb41b7b89bd4f8d332a87fb992c9af199e7d5a9f174014a90fa72f630e016c5f4053f48f224003b27231b27b5a7c
SSDEEP

3072:iTXzCzUy1ai7gVcM12458RCUCQJr2wJ0mInCAUs7Vl:kjvji7MkmoCRE2pmInCAUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09c8b2352f273cd3812e87df744221de_JaffaCakes118

Files

09c8b2352f273cd3812e87df744221de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a2cf8c783e44ac872e370e2cb0bb5b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

CreateThread
GetProcessHeap
HeapFree
LoadLibraryExW
GetCalendarInfoA
TlsFree
WriteConsoleW
GetProcAddress
GetEnvironmentVariableW
CreateDirectoryW
HeapAlloc
CreateFileW
CreateFileMappingA
GetTempPathW
GetVersionExW
SetEvent
SetLastError
GetConsoleCP
EnumResourceNamesA
MoveFileExW
TlsSetValue
TlsAlloc
InterlockedIncrement
FindFirstFileW
UnmapViewOfFile
FlushFileBuffers
CreateFileA
TlsGetValue
CreateProcessW
GetExitCodeProcess
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleHandleA
MapViewOfFile
GetVersionExA
WaitForSingleObject
GetLastError

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ