33b7f5988f32314dbe0a3e24dfc5c8ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33b7f5988f32314dbe0a3e24dfc5c8ba_JaffaCakes118
Size

204KB
MD5

33b7f5988f32314dbe0a3e24dfc5c8ba
SHA1

612c1f9fb9f6c3eb4b48aac0366fc8d9e2bd4cd7
SHA256

58437858ffd1f6eff3b04795658c7d5c69ffe7c20eb2a7fac74767343118af0b
SHA512

e98dac47f1d8c88c2e890b38d850daf341f20d9addecd94922589e7abd680488bac87ca07ff3a6139de82dea8b583d3548036c20e554a6d5a60fe70de091964f
SSDEEP

3072:c8vTzDTNiDAgYiQW6hKnMma4iASZtzfoFYqhaRwuMwCDN0azm0LKbtPG9gEn9Q:c2fPNNDzWBSrboFYcaRwuMBmiebh1E9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33b7f5988f32314dbe0a3e24dfc5c8ba_JaffaCakes118

Files

33b7f5988f32314dbe0a3e24dfc5c8ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fda82a0d097add3e1d80d0cde52a7561

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetProcessHeap
GlobalFindAtomA
GetCurrentProcess
GetModuleHandleW
GlobalFindAtomW
lstrcmpiA
DeleteFileW
GetThreadLocale
RemoveDirectoryA
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoA
GetOEMCP
GetCommandLineA
GetModuleHandleA
lstrlenA
lstrcmpA
GetLastError
SetLastError
MulDiv
GetConsoleOutputCP
GetVersion
CopyFileA
Sleep
GetTickCount
GetUserDefaultLangID
GetACP
DeleteFileA
GetCurrentThread
IsDebuggerPresent
lstrlenW
GetWindowsDirectoryA
lstrcmpiW
GetCurrentProcessId
SetCurrentDirectoryA
VirtualAlloc
LoadLibraryW
GetDriveTypeA

user32

GetSystemMetrics
CharNextA
GetDC
GetDesktopWindow

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE