Static task: static1
Behavioral task: behavioral1
Sample: 1949f36d587a4f79bcef5cc681b14023_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 1949f36d587a4f79bcef5cc681b14023_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 1949f36d587a4f79bcef5cc681b14023_JaffaCakes118
Size: 48KB
MD5: 1949f36d587a4f79bcef5cc681b14023
SHA1: f74b6fe5eab70dc32ac4ea0d2811556e75831a84
SHA256: d9cb79e6696bae8e64cbb5ff25adf31cc2f8a09c4ff86f6498c7b54ccc7ed343
SHA512: ff8dc8c867c8783c312a87cbef34bee1b4141f5b62095339fae47f9f5e7c6924c1127ad5355b7ad4425f95837bac593dc5d85232d7a680bad853e85898117e4c
SSDEEP: 1536:5RCNjr7owIkoal6S4CNmShWbMH0uTwa4:5G+aykWbMw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1949f36d587a4f79bcef5cc681b14023_JaffaCakes118
Files
1949f36d587a4f79bcef5cc681b14023_JaffaCakes118.exe windows:5 windows x86 arch:x86
cc99e05b7190a016eb4e7dbb3f398a80
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareStringA
EnterCriticalSection
ExitProcess
FindResourceA
FreeResource
GetACP
GetCommandLineA
GetDateFormatA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTime
HeapAlloc
InitializeCriticalSection
MapViewOfFile
MultiByteToWideChar
OpenFile
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
VirtualAlloc
VirtualFree
msvcrt
__getmainargs
__p__commode
__set_app_type
_cexit
exit
rand
setlocale
sscanf
vswprintf
ole32
CoCreateGuid
CoCreateInstance
CoInitialize
CoInitializeSecurity
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
StringFromGUID2
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ