18693c8b376d8965197c84f2d663b09a_JaffaCakes118 | Triage

Sharing

General

Target

18693c8b376d8965197c84f2d663b09a_JaffaCakes118
Size

105KB
MD5

18693c8b376d8965197c84f2d663b09a
SHA1

65b721bf7a14fd3a863c0defe372c51d53636588
SHA256

8748d16a27f45a77b73d6967097116ec0b8746dc80886af996ad01197ac5afa0
SHA512

00cfe71b1a048324994980fc212ff5d409f3880b096a7b80fdbea28565fa7dc4750dfe954b1bbfee41ea895b119d90d5fe3ad714d0f7f79ab176690d29bf0cb3
SSDEEP

1536:7kEss7ku2dLF/6qdgqF5366/nR3ju+3YSurdv:7T97kuSL16kn3VKeurR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18693c8b376d8965197c84f2d663b09a_JaffaCakes118

Files

18693c8b376d8965197c84f2d663b09a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4ca0861c5490e7ad30ffe88991d61799

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_exit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
strrchr
strchr

kernel32

LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
GetStartupInfoA
GetModuleHandleA
RemoveDirectoryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
GetVersionExA
FindFirstFileA
FindClose
GetWindowsDirectoryA
SetCurrentDirectoryA
GetTempPathA
GlobalAlloc
lstrlenA
GlobalFree
CreateFileA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetTempFileNameA
SetFileAttributesA
GetCurrentDirectoryA
CreateDirectoryA
FormatMessageA
lstrcpynA
DeleteFileA

user32

LoadStringA

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE