151ccf0b74b334fe10754eb660f0c472_JaffaCakes118 | Triage

Sharing

General

Target

151ccf0b74b334fe10754eb660f0c472_JaffaCakes118
Size

5.2MB
MD5

151ccf0b74b334fe10754eb660f0c472
SHA1

5a811cc9edc2774bb706de66b944bf25056b383b
SHA256

a10a575209b09a1227670e5f5f4e18487b82f2684dfa36f7a474849abe2ae2e6
SHA512

42b8bba4de06955a237370c7bf5611e46e2232f57a3c9b6e58cbc858b1e0b97ff9af4c7fd6b22b60f64deefaaca9665883673953d4a3d77b34c6f2e31cd1c8f2
SSDEEP

98304:UxTdMWZAoCs1iURATMkLeL6zqpFP+0fxjzyr:I+KAps1bW7xqpFPZW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
151ccf0b74b334fe10754eb660f0c472_JaffaCakes118

Files

151ccf0b74b334fe10754eb660f0c472_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41d5418843b4cc0fa2b69944c7bd37aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CreateFileA
GetACP
GetLastError
GetCurrentProcessId
ReadFile
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

GetKeyState
GetSystemMetrics
GetDesktopWindow
GetCursor

gdi32

MaskBlt
RealizePalette
SetBkMode

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ