243421a4380a6424f51cccb9490ea016_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

243421a4380a6424f51cccb9490ea016_JaffaCakes118
Size

39KB
MD5

243421a4380a6424f51cccb9490ea016
SHA1

468b5038cb5d77336e74ca039d560e95aa1a1815
SHA256

d51668fa3380558315db43e5714e8c912f9f7c574c83eaa9f08505b192a90cac
SHA512

4a0f699fdc50ebeb3f78b95ef513dfcf09e6234e8cef2d48c516358ef008d12253b31946d8db9d3f3f2f0926bee7596a40ef507d00d9f643e9f6e95249fb12f4
SSDEEP

768:Qntf2l3y4c9xuU4UykeJsOZsHx1yUfwMqbicsiJGO8Vv3zt/otVtQ:Qtul369xuUDmsF9oMjGGzV7t/otV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
243421a4380a6424f51cccb9490ea016_JaffaCakes118

Files

243421a4380a6424f51cccb9490ea016_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6d736ab74d3c93a1d2dbbe165b0c554

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
DeviceIoControl
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetDriveTypeA
GetFileAttributesA
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStringTypeW
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
InterlockedExchange
IsValidCodePage
MultiByteToWideChar
OpenEventA
OpenProcess
RaiseException
RtlUnwind
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
lstrcatA

msvcrt

__getmainargs
__p__commode
__set_app_type
exit
fprintf
fwprintf
sscanf
vswprintf
wcscat

user32

FrameRect
GetClassNameA
SetMenuItemInfoA

winmm

mmioDescend
mmioGetInfo
timeGetTime
waveOutGetNumDevs
mixerGetID

Exports

Exports

Direct3DCreateDevice

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ