19d8806ca6e86be5c77f303d8688568f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19d8806ca6e86be5c77f303d8688568f_JaffaCakes118
Size

82KB
MD5

19d8806ca6e86be5c77f303d8688568f
SHA1

fcef29e7b8a7deac99d0500a2fcd59b7f34f4569
SHA256

edaddf53afbdf05872498db85a14e2e525bd014dbc7979aafe7f8dbff877895e
SHA512

e2f84e63b8960a3c85917008fbf4491ad8b73dd7d509b8e236aa0f3ba566a126484d48f6ce88876dd7e2105ed48d7105fb6ef70df2bc4132971920a4903da90e
SSDEEP

1536:3OB2OlDrMZsfREactFlM2VmwsIO6fYMJt2ECUKPH00Bi4qa1mhoWpPbBxv:eEwDrWspEachyeO6fYuOf00BDqKmhoWN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d8806ca6e86be5c77f303d8688568f_JaffaCakes118

Files

19d8806ca6e86be5c77f303d8688568f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be53319c0653e0852da70dd01fe54e94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetExitCodeThread
lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
GetShortPathNameA
FindResourceExA
EnumResourceLanguagesA
ResumeThread
WriteProcessMemory
HeapValidate
GetCurrentThreadId
SetFileAttributesA
CreateDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 44KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 10KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE