452452a59b29dae346bde1c84ddc5ce2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

452452a59b29dae346bde1c84ddc5ce2_JaffaCakes118
Size

73KB
MD5

452452a59b29dae346bde1c84ddc5ce2
SHA1

7f221073539d17fa01e4d69b60f66d5299ffb199
SHA256

2b14b01e3843fd9bea3aa6a13d53a0554253aa11ea304be5c8e8261219cbf923
SHA512

c8a92199d128f288b249a178117c0f37de44a3a0378d4d03b3a07ef702e9bcaecf9d083f276a8b0a0dbb5a7e38631ccd408f32406e48bdb6afa86d24095bd3f1
SSDEEP

1536:NAHAzyWWJ5ox02sNLgBOHLopof1I6jkTooo:NqhWs5oxD4LgBc31I6jkTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
452452a59b29dae346bde1c84ddc5ce2_JaffaCakes118

Files

452452a59b29dae346bde1c84ddc5ce2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d692f440c4d87205d3efa81cb4a1578

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetFileSize
CreateFileA
CloseHandle
VirtualFree
lstrcmpiA
GetProcAddress
GetModuleHandleA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
WriteFile
CopyFileA
ReadFile
GlobalFree
FlushFileBuffers
GlobalAlloc
DeviceIoControl
Sleep
WinExec
lstrlenA
GetModuleFileNameA
ExpandEnvironmentStringsA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
GetLastError
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeW

user32

wsprintfA

shlwapi

PathFileExistsA

imagehlp

CheckSumMappedFile

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE