35241abe0c5b97940d3aa15540073e09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35241abe0c5b97940d3aa15540073e09_JaffaCakes118
Size

205KB
MD5

35241abe0c5b97940d3aa15540073e09
SHA1

0075fc262d9473f54c318ad156308bfa4e9aad0d
SHA256

2da61f1e2b512fc4cbcbe361c6e541a548fd720d1b7fe18aaad993ff851b4bdd
SHA512

215fcf539e1306d9c1b1d61bf7bccc39a7c22cc78a948c8f0e690ce29401409ca87d442fdfe7d56ffadc4061a3f87b5fd2ccea9e494da0dd584719e1a3bc2990
SSDEEP

3072:WTRkH3yXBjowNduLrmGEWBY4tPefVtkrMMBLMMwBCPLEJrU3apC64x:WTykjL0Bxmv4wBCTEzpC5x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35241abe0c5b97940d3aa15540073e09_JaffaCakes118

Files

35241abe0c5b97940d3aa15540073e09_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2d4fc95ceb6609730d1b22a8f9a6ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GlobalFindAtomA
GetModuleHandleW
DeleteFileW
MulDiv
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetLastError
GetOEMCP
RemoveDirectoryA
GetStartupInfoA
SetCurrentDirectoryA
GetCurrentThread
SetLastError
GetModuleHandleA
GetVersion
lstrcmpiW
DeleteFileA
GlobalFindAtomW
GetWindowsDirectoryA
CopyFileA
GetUserDefaultLangID
IsDebuggerPresent
QueryPerformanceCounter
GetConsoleOutputCP
lstrcmpiA
GetDriveTypeA
GetCommandLineW
GetCommandLineA
GetThreadLocale
lstrlenA
GetCurrentProcess
lstrcmpA
GetProcessHeap
LoadLibraryW
lstrlenW
Sleep
VirtualAlloc

user32

GetDesktopWindow
GetDC
GetSystemMetrics
CharNextA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ