34dc44f1302f938b5a0221041290f8a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34dc44f1302f938b5a0221041290f8a7_JaffaCakes118
Size

356KB
MD5

34dc44f1302f938b5a0221041290f8a7
SHA1

ccc39901c8ccf3efe07a40e41a9fc808790b52a0
SHA256

18ec7e87fa84743cd9ac07fdd34918d9aca2b8b942cb174c2ba167ac7e8baf55
SHA512

bdbf9bc45ba7c68e51b712acb92cbf91f97e4cde3ed596cee89e5b1a4ef2417663f98791b41ad8502269b58edc4067d4d4cb2666fb04feb8772ca2241df9f61a
SSDEEP

6144:811BjHsTXC16lyvERaqjRG3woBatrJdD9yuKsHN8fMQmh6OemUU9LRr4UcQAZsjW:8CCMu6awpoBUrPQypPtUyr42jHdQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34dc44f1302f938b5a0221041290f8a7_JaffaCakes118

Files

34dc44f1302f938b5a0221041290f8a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e51b7d7ffcc0e935162ad3a88a2908eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
RemoveDirectoryW
SetEnvironmentVariableW
EnumCalendarInfoW
DisableThreadLibraryCalls
DebugBreak
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
OpenEventW
CreateSemaphoreW
ReleaseSemaphore
GetSystemDirectoryW
GetModuleHandleW
GetModuleFileNameW
CreateFileW
GetLocalTime
CreateDirectoryW
CreateTimerQueueTimer
ChangeTimerQueueTimer
DuplicateHandle

oleaut32

LPSAFEARRAY_UserFree
CreateErrorInfo
VarUI1FromI1
GetErrorInfo
SetErrorInfo
VariantInit
SysFreeString

userenv

RegisterGPNotification
UnregisterGPNotification

Sections

.text
Size: 247KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE