381e25ceb222a40460df9bc8214ba2ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

381e25ceb222a40460df9bc8214ba2ca_JaffaCakes118
Size

172KB
MD5

381e25ceb222a40460df9bc8214ba2ca
SHA1

8a4e7388c45903b3d7a59096202a468896adfd7d
SHA256

2223aeea72b9f6ef57a83d4931d636ff8347834638b83de14b14a8e1bfcf77d7
SHA512

3f25f58e36890dae7918932a1ca8ddc04296a63dabba2ae04ce3a473aa5f2d401dd080c09eabc22ce78010993669959e53a7286cd752567e9896efdd68063add
SSDEEP

3072:zpf1B8GvSr67jzJg6j9oyudWO3CcW6CFxi37sBxnFJj7sk0jMmCSeCL2I3lTid98:zt1BBvugp9oTCZ6CgsxF9YkkMpSeCqqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
381e25ceb222a40460df9bc8214ba2ca_JaffaCakes118

Files

381e25ceb222a40460df9bc8214ba2ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcd81398dc4991f2840c355c1d92baa4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
MultiByteToWideChar
GetModuleHandleA
GetFileSize
FlushInstructionCache
GetTickCount
VirtualProtect
GetLastError
GetProcAddress
LocalFree
LoadLibraryA
Sleep
LocalAlloc
VirtualProtect

user32

wsprintfA
wvsprintfA

Sections

AK[WJ3pA
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Aju9R)n&
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d>T,fq$u
Size: - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

"@#8Mp9@
Size: - Virtual size: 616B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4b-e=.1R
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4n1ml4M5
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HHs<rS?D
Size: 4KB - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ