4565bc744b75544e593cfa27a8dfa50d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4565bc744b75544e593cfa27a8dfa50d_JaffaCakes118
Size

120KB
MD5

4565bc744b75544e593cfa27a8dfa50d
SHA1

fabcfa0b8ec63af84f766eb5ef4a435727afa063
SHA256

fab93822e68d6a1383f36c2a91f027e7444f654ccb78569167b60600b4a5a632
SHA512

69601f39136038a9e27815a4eb14c9f58036c07d7391af631db2ff9e7547593f8f173dea0686b6742ff1b5d33006aaf39c538d970d5dba2994e3f7a0dba10e7e
SSDEEP

3072:eewAkKRo/DEd0lp4MZKFvITAfUVWTThkeimW:eJAk+o2cuuetW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4565bc744b75544e593cfa27a8dfa50d_JaffaCakes118

Files

4565bc744b75544e593cfa27a8dfa50d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a2f4464780fd86480bc84bff8279e6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GlobalLock
GetDriveTypeW
ReleaseMutex
FlushFileBuffers
GetSystemTimeAsFileTime
SetFileTime
ExpandEnvironmentStringsW
SetEvent
SetEndOfFile
FindClose
lstrcatW
GetUserDefaultUILanguage
GetTempPathW
SetThreadPriority
DisconnectNamedPipe
GetModuleFileNameA
CloseHandle
GetModuleHandleA
EnterCriticalSection
SetLastError
SetFileAttributesW
lstrlenA
CreateMutexW
GetCurrentThread
WriteFile
CreateFileMappingW
OpenProcess
lstrcmpiA
CopyFileW

user32

GetWindowThreadProcessId

Sections

.kjqpsx
Size: 35KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ylkj
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dkvyt
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ