379bee047b8fa5fe99835373ab18993b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

379bee047b8fa5fe99835373ab18993b_JaffaCakes118
Size

97KB
MD5

379bee047b8fa5fe99835373ab18993b
SHA1

0cb57973524e4ca46fce46f71e4aec8c477f3969
SHA256

a39a9d99c61e301d460d8384a6d5af911c061d4b4b64c315e6a304ef68b8c460
SHA512

34b12902f6bef98019b858f2e3e80f7c18a08850109b6ff43ac67ae19cc19bb175730daf98aad0803b19fa7e946f8969f789b6ed31225cd1352698f7ea24f00b
SSDEEP

1536:dGd3M5K7wfV6K1m3xc/H46QKSKogvEIziMNZPv6U0lOefn8Hyv2O4jgOoZ:di2V6K1mBc/PfWMEIuMNp6hLn2A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379bee047b8fa5fe99835373ab18993b_JaffaCakes118

Files

379bee047b8fa5fe99835373ab18993b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

278786a929a7b632a34fed045d8300c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strlen
wcscspn
sqrt
strncmp
sin

comdlg32

FindTextA

shell32

SHGetDiskFreeSpaceA
SHGetFileInfoA
DragQueryFileA
Shell_NotifyIconA
SHGetDesktopFolder

advapi32

RegOpenKeyExA
GetUserNameA
RegQueryValueA
RegDeleteKeyA

kernel32

GetProcAddress
GetModuleHandleA
GetCurrentThread
SetHandleCount
ExitThread
ExitProcess
GetCommandLineW
GetModuleHandleW
GetCommandLineA
IsBadReadPtr
VirtualAlloc
GetDiskFreeSpaceA
lstrcmpiA
GetOEMCP
LoadLibraryExA
GetTickCount
GetACP
GetThreadLocale
CreateFileA

oleaut32

RegisterTypeLib
SafeArrayGetElement

Sections

CODE
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ