194fa3b2614a6d3ce8b7a50d8ff7c555_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

194fa3b2614a6d3ce8b7a50d8ff7c555_JaffaCakes118
Size

60KB
MD5

194fa3b2614a6d3ce8b7a50d8ff7c555
SHA1

27557a5cd1aa87a888b775f2694716c3e27e80a7
SHA256

5e75d5b5f9549e6e87862e82d3cd5bd1ca97943b21edccced13f2294cba9e538
SHA512

57f1c85db6dcd54a181af3191a8f6343a3bc7ea46c35d8fa31321779635a4d151375ae779c1cbf05c8f8de6e643c069f98a7e84556b183f75ffd1f1c2aa1100b
SSDEEP

768:LVY4RFr1FNk7cUUHKFJ5lC5iGDtkKeHcKLNnhWMW:xYcr1FNtKFJjbwtHi1DW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
194fa3b2614a6d3ce8b7a50d8ff7c555_JaffaCakes118

Files

194fa3b2614a6d3ce8b7a50d8ff7c555_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cf4272a0d9feeaf7b2409c002c97a2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
GetModuleHandleA
LockResource
LoadResource
SizeofResource
FindResourceA
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ