47920fcd221f81f9e8dec347f3add1c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47920fcd221f81f9e8dec347f3add1c8_JaffaCakes118
Size

120KB
MD5

47920fcd221f81f9e8dec347f3add1c8
SHA1

181d3336781ee4cd25214f6c4a80cc0e3202b804
SHA256

03a56af651ac50369310e95f5468b1fd801c32209586bf5b4d556b9e409324e4
SHA512

5e0869021d913f4572e1f7e6562fd101701ceeff2e525fef974bacf15412cc4b7474ecfd2ae3649aa8d3a4591a550bb27671f743a37cabe653bf992637aeed4c
SSDEEP

1536:Zm+zeUgqEWTnVgmgHULegnxvWV/Y3gjt/PlwHOPymPgwWKdi1YYhK59E3YOXqYs:iSECnzg0Leg9MY3gjtXRyV1YuK5K3rqB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47920fcd221f81f9e8dec347f3add1c8_JaffaCakes118

Files

47920fcd221f81f9e8dec347f3add1c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62650de8d7fd56f84928a3b0e6070936

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetLocalTime
WriteFile
CloseHandle
GetExitCodeProcess
TerminateProcess
WaitForMultipleObjects
CreateEventA
CreateProcessA
GetStdHandle
DuplicateHandle
GetCurrentProcess
OpenProcess
CreateFileA
GetLastError
GetModuleFileNameA
GetCommandLineA
GetVersion
ExitProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
FlushFileBuffers
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
SetFilePointer
MultiByteToWideChar
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
SetStdHandle
GetStringTypeA
GetStringTypeW
ReadFile
LCMapStringA
LCMapStringW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE