22912bf8edc5f303e3e38eab6e197a59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22912bf8edc5f303e3e38eab6e197a59_JaffaCakes118
Size

138KB
MD5

22912bf8edc5f303e3e38eab6e197a59
SHA1

9dd022cf9d8446b488830238cf8274dabe7d31b8
SHA256

08b04a4f06184effcded7abc013c9d3d901553d3cc57997bef85e90a5956245b
SHA512

c0e074e9d6d83060ca3a546e1478ec7c7d28ac3566e36c1e6ad8e1d1d7c5d86207d026986ef39630cf0e0f744a1554dae46a94a2bb2037ffd34d3394583f7866
SSDEEP

3072:NLvi1/rK+mSa9i14Kj9982ZBsfyDO6uX4dN:NL6839LK5rsfcluX4dN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22912bf8edc5f303e3e38eab6e197a59_JaffaCakes118

Files

22912bf8edc5f303e3e38eab6e197a59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44982feb6786ada60f4d9d37d034f152

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
lstrcpyA
lstrcatA
GetCurrentDirectoryA
GetLastError
GetEnvironmentVariableA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleHandleA
GetStartupInfoA

user32

DialogBoxParamW

msvcrt

memset
memcpy
malloc
strlen
free
strcat
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ