31be8e2b41c27dd0dd3aba68b2e8588a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31be8e2b41c27dd0dd3aba68b2e8588a_JaffaCakes118
Size

97KB
MD5

31be8e2b41c27dd0dd3aba68b2e8588a
SHA1

c6eb15c7da655b83215a95285b10c4cd7cbed24d
SHA256

bf7c27d4e349c7178fc1b1bea4b9d030361280f9ee25caa935e5ae661c69fe16
SHA512

9bd43a866c59197ce0a56b6dbd4ec91bb6f4341434260aa5793b309ed88060a1eca51f430f9b880438833a4544e13e57956e6c9ae84da9d32b5780cf2260a2d5
SSDEEP

1536:qezhw4HCJqyjCnP4lBLaFMgZy8kVOU5QIo2zlPtKh3frXg:z9w3jWUWSgZJ0OU5QyJPMhTX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31be8e2b41c27dd0dd3aba68b2e8588a_JaffaCakes118

Files

31be8e2b41c27dd0dd3aba68b2e8588a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e1510ff041a516d703b97f4e4f6328b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
CharNextA
GetDC
GetSystemMetrics

kernel32

CopyFileA
SetCurrentDirectoryA
DeleteFileW
GetProcessHeap
GetLastError
GetVersion
RemoveDirectoryA
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetConsoleOutputCP
GetThreadLocale
lstrlenW
GetUserDefaultLangID
GlobalFindAtomW
Sleep
GetCommandLineW
GetCurrentProcess
GlobalFindAtomA
IsDebuggerPresent
SetLastError
GetModuleHandleA
GetCommandLineA
lstrlenA
GetCurrentProcessId
GetDriveTypeA
lstrcmpiW
GetWindowsDirectoryA
GetACP
GetCurrentThread
lstrcmpiA
LoadLibraryW
DeleteFileA
GetStartupInfoA
GetOEMCP
GetModuleHandleW
lstrcmpA
MulDiv
VirtualAlloc

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ