256dd6ff0ada938ca0ef31a551c7d4cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

256dd6ff0ada938ca0ef31a551c7d4cb_JaffaCakes118
Size

96KB
MD5

256dd6ff0ada938ca0ef31a551c7d4cb
SHA1

069c8001930ffe2967556ceb2bee2290dff14152
SHA256

8530d7784f5b00590b6687fcbcc2fcbb38335314d0927ce994b696e00afecebf
SHA512

6d8073f99d3b5b4fdd93a9307fdcf01ff2ac4a95effdd99753cc951048b6b053625ef4f60d238b76882407b4eb230dfb76e65ed912925e2e37d550fd067faae4
SSDEEP

1536:Dyk/niqDP5oIceEfdsvjt2Gdxp15rAxL86VBrTFrrP+42:mOlVobDfKQuBrA18T42

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
256dd6ff0ada938ca0ef31a551c7d4cb_JaffaCakes118

Files

256dd6ff0ada938ca0ef31a551c7d4cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f646cb5b6982bd70bf3d7084d588d4c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetFileType
lstrlenA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
LoadLibraryA
WriteFile
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress

user32

wsprintfA
EndDialog
SetWindowPos
SetDlgItemTextA
PostQuitMessage
DialogBoxParamA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ