332d04212c9ac5f3ec4757e59f0649ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

332d04212c9ac5f3ec4757e59f0649ea_JaffaCakes118
Size

25KB
MD5

332d04212c9ac5f3ec4757e59f0649ea
SHA1

a4c7872e83eced22f585f5e5ef5a65c55dbd5d3d
SHA256

c84365ca4f2def805e6c503a37ec7a8212abdc7e17bdf86e72cdffea57d965c9
SHA512

a9f31d952a2a4f209565eabe0b214b819dd5950fdbc00d42cf9ba138f14a1e77eab165038ab21212fd0ffc6f0e85b2feb6cfed3634627185c393191f127f538a
SSDEEP

384:q1SMstiz7bMLUddK07ofQKmLtGHktvajmRfyNz7ANzaqHhzlAJIDIScrpPmvBqjb:qgMdbWUdf6QEHMv8QfI7QzaqHRle5mSb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
332d04212c9ac5f3ec4757e59f0649ea_JaffaCakes118

Files

332d04212c9ac5f3ec4757e59f0649ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

043170b6d81e9970772680985132ae74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
HeapDestroy
HeapFree
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExitProcess
GetModuleFileNameA
Sleep
GetTickCount
VirtualAlloc
QueryPerformanceCounter
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
lstrcmpiA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
GetCommandLineA

user32

wvsprintfA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE