399882176b4239aec4f4416194cd64b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

399882176b4239aec4f4416194cd64b6_JaffaCakes118
Size

348KB
MD5

399882176b4239aec4f4416194cd64b6
SHA1

535627dc4f2b12ed69b2ea7243616eff708e08c3
SHA256

ba7483c1c5ca6988145fc4ea305b65fa232cd9bdf28aab7cbf92589785b6be13
SHA512

0cae86c1124003afc97b67dd32c636da2036e2a71a71ae7354736c15d87d9632c4f64b72d79a9355248a603f09445f2ff6c0add07f5093d1225fdf8d6482f85f
SSDEEP

6144:lHdmIY6yH9AI30DpTzazoUSUhQqbm46yyq/ZUxEFi8AkKwl+wd8Vt:lHdxY6ydAI30tScHUBbm46TSG6FigKw6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
399882176b4239aec4f4416194cd64b6_JaffaCakes118

Files

399882176b4239aec4f4416194cd64b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cf43237e642f6bdcec2637d401a8ff3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
LocalLock
GetSystemTime
GetSystemDirectoryA
GetLastError
VirtualFree
CloseHandle
UnmapViewOfFile
lstrlenA
GetModuleHandleA
WaitForSingleObject
GetProcAddress
HeapDestroy
GetCommandLineA

user32

wsprintfA

advapi32

AddAce
CopySid

ole32

CoUninitialize

avifil32

AVIStreamCreate

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 755KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ