3965be7fc2ba5ad57685836150b4d446_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3965be7fc2ba5ad57685836150b4d446_JaffaCakes118
Size

69KB
MD5

3965be7fc2ba5ad57685836150b4d446
SHA1

1ed28eee7b65d06ea22f9a6cecdd77421310c5e0
SHA256

2f64630e84bc945f55275ef918083cab800edf0965a1c52d42e919179b2f65d8
SHA512

d21644f5b65e644a20e0a510bcd497f1894b4a8461c758192d864306eb500461aaa3a709bf05855b74e2342b72668366eff63332988b98cf221c92e25580262a
SSDEEP

1536:FCjizf3S9xGCccv253Z9dAnvrEhqTHJk+GCrg6LXet8S5HManhwEj:FCjEf3SavMvYh2HJkYLuMahwEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3965be7fc2ba5ad57685836150b4d446_JaffaCakes118

Files

3965be7fc2ba5ad57685836150b4d446_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab1159e9de84fc2b2c745b1c5291a9fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessW
DeleteFileW
Sleep
GetTickCount
DeviceIoControl
WaitForSingleObject
GetCurrentProcess
GetTempPathW
LoadLibraryW
CopyFileW
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualProtect
VirtualAlloc
RemoveDirectoryW
MoveFileW
FindNextFileW
FindFirstFileW
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetModuleHandleW
GetCommandLineW
GetProfileStringW
GetModuleHandleA

msvcr71

fclose
fwrite
fseek
fopen
free
malloc
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
wcslen

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ