312f1f45bf653be896f4e6ca406d046b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

312f1f45bf653be896f4e6ca406d046b_JaffaCakes118
Size

263KB
MD5

312f1f45bf653be896f4e6ca406d046b
SHA1

9bb135cdf60954bb8e05b2fa8d499497370e9f91
SHA256

99bca25ed20f422fc849a6b80b2ea63bc3306a37b69da53e8481e00e0886eb7e
SHA512

4fc497385d0b6cb6a0f615567cc4236fc6928f62d620b94d034ac048e0564847aa4699e8f295889cafd26ca496e3802349a8806def226c0048469eb106ea9f57
SSDEEP

6144:XJza5SWJBvUekpL24/+EKW1WvjqnMyItx3CGkVkEQjU+f01:5zaQWvsef4/rKW16jJjtxZFEQjUI01

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
312f1f45bf653be896f4e6ca406d046b_JaffaCakes118

Files

312f1f45bf653be896f4e6ca406d046b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3e709fac21f4699c5f1e5eb1e09bb7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
FindFirstFileW
CopyFileW
EnumDateFormatsA
FindNextFileW
SetFileAttributesW
MoveFileW
FindClose
SetLastError
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FormatMessageW
GetTickCount
CreateEventW
CreateThread
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
ResetEvent
SetEvent
GetFileAttributesExW
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
CloseHandle
WaitForSingleObject
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
InterlockedExchange

oleaut32

VARIANT_UserFree
SafeArrayCreateEx
VarDateFromI8
SafeArrayGetRecordInfo
SafeArraySetIID
SetErrorInfo
SysAllocString
SysAllocStringLen

msvfw32

ICInfo

Sections

.text
Size: 165KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ