41c7c841ba87d8f0a8177bb0364f28c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41c7c841ba87d8f0a8177bb0364f28c3_JaffaCakes118
Size

376KB
MD5

41c7c841ba87d8f0a8177bb0364f28c3
SHA1

443226ae93e8757a4e511d9493ff8216429fbc73
SHA256

194d6064cc90fbc62e9e46bac22a0fe060fc4186ca44a0a94901c4d8a106aae7
SHA512

bd4a520ec9d102db47ddf979817f9c1425b53fb8a6859570cd344634a6e9c81924a39ca9a4704717e1a5efaaf51676256680e29612a60ccec66a0dd302e5aa74
SSDEEP

6144:tY69NIULsi/q5F3GxfJll5THXjoCnKT0HpHZVL7otIePOeODjkEpNCSRv:tYmiULs+yF3GVJVTXjrzJHZ1stIePzOL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41c7c841ba87d8f0a8177bb0364f28c3_JaffaCakes118

Files

41c7c841ba87d8f0a8177bb0364f28c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fc27a1db5699b0e733806cfd4bd756e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetCommandLineA
LocalFree
GlobalAlloc
GlobalFree
GetProcAddress
GetModuleHandleA
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoA
GetVersionExA
VirtualAlloc
HeapReAlloc
InterlockedExchange
VirtualQuery
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ