395a58efa38c848e171dddaf87b91c84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

395a58efa38c848e171dddaf87b91c84_JaffaCakes118
Size

316KB
MD5

395a58efa38c848e171dddaf87b91c84
SHA1

3fef0fa5403db4f4c9386eea1c6297e21ad32378
SHA256

99c6fd3700258d135e827a8d4d586e8d37b0566b3c804d33a1f3692249df888a
SHA512

1d101689a47ad456d133d77ffe2340757ff43d67b5b0758f64ae27295aed99258569203e26c9152b81387c736d079ba92d16af9b8ae42c41711a483c71948ed4
SSDEEP

3072:YR2AVqvpjOImS6kZ7UyTfsp/PmVzff4dNcaa7YgTT/G7aR9ZW8uqWXewRcN7wR1g:1GMWCzwRcNw0oTELCgF43q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
395a58efa38c848e171dddaf87b91c84_JaffaCakes118

Files

395a58efa38c848e171dddaf87b91c84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

521da84bcba2314146cab45243963c66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrcatA
FormatMessageA
lstrcpyA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetLastError
GetModuleHandleA
CreateThread
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar

user32

CharToOemA
DispatchMessageA
PostThreadMessageA
GetMessageA
TranslateMessage
LoadStringA

ole32

CoGetClassObject
CoInitialize
CoUninitialize

oleaut32

SysStringLen

msvcrt

malloc
__getmainargs
__p___initenv
_exit
_XcptFilter
printf
free
_controlfp
__argv
__argc
__set_app_type
_initterm
exit
_except_handler3
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ