24b0af9cacca63f60f3787c54655fb11_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24b0af9cacca63f60f3787c54655fb11_JaffaCakes118
Size

100KB
MD5

24b0af9cacca63f60f3787c54655fb11
SHA1

de2c1f1068ccfa82a4b5f58cf5b64cc433590fb0
SHA256

bc97ae699b71489e2a5a8b4c1b43e06ac41eeff6870bc5784d62b35fb41045de
SHA512

051a17911705a14d7039cbc96808ddefa6dbec8ec9abacc8bab2e4e4be56f666ec628d324bdf581bc30f5a69e420ac43017b98dfb54d127241534ea35730d320
SSDEEP

1536:CV/D3UgyodMghOplhsgcCmLP8jW6dGWnyyzh6PfFbiHGKp4k5GH:ClsUgliE57Vh6PdOmKU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24b0af9cacca63f60f3787c54655fb11_JaffaCakes118

Files

24b0af9cacca63f60f3787c54655fb11_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9fa03c996d62e1fd0c99eaddcae944ef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

wvnsprintfA

kernel32

HeapAlloc
GetModuleFileNameA
LoadLibraryA
GetProcAddress
SetLastError
GetTickCount
lstrcatA
lstrcpyA
lstrcmpiA
LoadLibraryExA
FreeLibrary
DeleteFileA
GetProcessHeap
HeapFree
CreateEventA
GetLastError
CloseHandle

ole32

CoCreateGuid

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code5
Size: 315B - Virtual size: 315B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code6
Size: 250B - Virtual size: 250B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE