31837b247088873eef3eceaeddd35ed2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31837b247088873eef3eceaeddd35ed2_JaffaCakes118
Size

43KB
MD5

31837b247088873eef3eceaeddd35ed2
SHA1

55b186e21242dfd1c13f0754a1ce74e908123171
SHA256

b7ef27d238b1a6a7ec4363fe913f16a53fc70ccc5b32b9c1b255c8aa08e49850
SHA512

7fbea23082b2fd0939404e26b3ec8d5d20aa8e358af183c2e135f004f46e6e77374f05423ebece73a87607748cf729aa6a69b0191a941dd2310d9464e293db60
SSDEEP

768:U3nIFePpNoZxjBb7oHfDjss+BnghlqGdd2RT5aSAiBvuVfyGwtBj1ZuTu:U3KAHCobjsNBnghxdd2/BvuE//u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31837b247088873eef3eceaeddd35ed2_JaffaCakes118

Files

31837b247088873eef3eceaeddd35ed2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ff421b5e0aa854c91033d2bf720c7c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExW
EnterCriticalSection
WriteFile
ExpandEnvironmentStringsW
GetCurrentThread
SetEvent
GlobalLock
CloseHandle
OpenProcess
GetSystemTimeAsFileTime
MultiByteToWideChar
lstrcpynW
FindFirstFileW
FindClose
GetTempPathW
FlushFileBuffers
GetTimeZoneInformation
lstrcmpiA
SetLastError
SetEndOfFile
GetSystemTime
CreateFileMappingW
CreateEventW
GetUserDefaultUILanguage
HeapFree
lstrlenA
CreateProcessW
CreateMutexW
GetCommandLineA
SetFileTime

user32

CloseWindowStation
GetKeyboardState

Sections

.dgv
Size: 35KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tex
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ncpwd
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ