332cdec36dd0db7754b7aa30ecf450eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

332cdec36dd0db7754b7aa30ecf450eb_JaffaCakes118
Size

206KB
MD5

332cdec36dd0db7754b7aa30ecf450eb
SHA1

dabfcfea72f099f01f0e42cd5d74bbaf139f82d7
SHA256

d22ea4aefa790ca938c33cdd06b1754c7e654d2e30b6ee19fbffc447745aa0b8
SHA512

6aeb8dc9dc4bcefd16e6c15ad95fc5e1864091079dc4f0f2a3da1d8010fd6c5144d66492fa4238a4ee8e7182a6b806f695d6c160cda589ca9984c1eec6d67223
SSDEEP

3072:oI72DwfG71qKwgr1X7BaArYMy+Y/Dc9jViB2hmECWqqShGPXYGw+IBsdoCocHR:oI7Xf2qCrb9NlYUjXm2oGPY8doCoQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
332cdec36dd0db7754b7aa30ecf450eb_JaffaCakes118

Files

332cdec36dd0db7754b7aa30ecf450eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9cd41ef33128204af075f31b5ddf139

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetLastError
Sleep
GetThreadLocale
lstrcmpiW
GetVersion
GlobalFindAtomW
GetCurrentProcess
GetOEMCP
GetTickCount
SetLastError
QueryPerformanceCounter
lstrlenW
GetModuleHandleW
GetCurrentThread
RemoveDirectoryA
DeleteFileW
IsDebuggerPresent
GetACP
GetStartupInfoA
GetCurrentThreadId
CopyFileA
GetCommandLineA
GetDriveTypeA
GetUserDefaultLangID
GetCurrentProcessId
GetModuleHandleA
GetWindowsDirectoryA
GlobalFindAtomA
MulDiv
GetConsoleOutputCP
GetProcessHeap
lstrlenA
SetCurrentDirectoryA
DeleteFileA
lstrcmpiA
lstrcmpA
LoadLibraryW
VirtualAlloc

user32

GetSystemMetrics
GetDesktopWindow
CharNextA
GetDC

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ