356f5ee571aefa40c8002e188a12a3cc_JaffaCakes118 | Triage

Sharing

General

Target

356f5ee571aefa40c8002e188a12a3cc_JaffaCakes118
Size

130KB
MD5

356f5ee571aefa40c8002e188a12a3cc
SHA1

593af62c2bae2a078d4233bf19d88ab1492ae924
SHA256

ce0fa391e53128481475534077a2c6a16f8b57178202ce8059b7059bc7adab14
SHA512

cf2c88307ad1b7b4289ffc5dc59040531d82c9095489a058b059a1621a035e15e00c15acc97b7b24b780ab4d78e988ef6a7cb23568509d86c37c9b82b8c6130f
SSDEEP

3072:wHFVzV09PH2JGcswBYdsgPPA3+F0NpbnFXfei6x8EPN16IssVdx6Pr1fvIKEdTzN:wHK9PH2JGcswBYdsgPPA3+eNpbnFXb6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
356f5ee571aefa40c8002e188a12a3cc_JaffaCakes118

Files

356f5ee571aefa40c8002e188a12a3cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd7deab7e0a0f3c8490e7706ccd631ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateSemaphoreA
ExitProcess
FindAtomA
GetAtomNameA
GetFileAttributesA
GetLastError
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

msvcrt

_rmdir
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_findclose
_findfirst
_findnext
_fullpath
_iob
_onexit
_setmode
abort
atexit
fclose
fopen
free
fwrite
getenv
malloc
memchr
memcpy
memmove
memset
rand
remove
signal
sprintf
srand
strcat
strcmp
strcpy
strlen
strrchr
time

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE