267f051cdca3854e7167719feb1a4a19_JaffaCakes118 | Triage

Sharing

General

Target

267f051cdca3854e7167719feb1a4a19_JaffaCakes118
Size

188KB
MD5

267f051cdca3854e7167719feb1a4a19
SHA1

6938e7ca6a47966b07a5319b6cbdd4f08859e6db
SHA256

562d238943ae475aac250bc68a7e660bedede3541f8a90d45d9eb91b0768aa35
SHA512

b8708d84c6357bb2c3d269a82e0edff0c8907de70fb64cc007ad9eef66ed2b9be47f1f29b2bfb50384ebb83dc9842d1e8f367934c3d6876a12d1ab6a1e8e7880
SSDEEP

3072:9nBDRl/Fas68c2dIqHmeXEaeaCYRk3XE8tm/GvrHID9CxfqSrR+69hRFNcmEx/:pBDRBFa/8HdFHzrMQ8tnTHID4l/RgmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
267f051cdca3854e7167719feb1a4a19_JaffaCakes118

Files

267f051cdca3854e7167719feb1a4a19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcd81398dc4991f2840c355c1d92baa4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
VirtualProtect

user32

wsprintfA
wvsprintfA

Sections

j:7\]qJN
Size: - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

@"C:1?RK
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

lv=95dvd
Size: - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

au#@B;c7
Size: - Virtual size: 640B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

p5)#Fm/O
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GMg#1RB=
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fEp]NssC
Size: 4KB - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ