Static task: static1
Behavioral task: behavioral1
Sample: 486640ad74e7126e71347f40581ed9be_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 486640ad74e7126e71347f40581ed9be_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 486640ad74e7126e71347f40581ed9be_JaffaCakes118
Size: 43KB
MD5: 486640ad74e7126e71347f40581ed9be
SHA1: 5b0db0d6295dedb55b26ca53f6bfc21cb99c4827
SHA256: 9b46cde33171fdf0209617f2f24a0c8d49e1ab0a32a4dc69f6ee2c8824bbf026
SHA512: 00b953ab8bafb2738d81f7abd96ddbb937b1e49ae9ce9c596c24a67b23b557a1d0dd74022f63eda0f5433fd2395d91e92d65cb9bf15ca2922b91809fa935f42f
SSDEEP: 768:2g8IuIeinpRygjoT1pwWzgDiRh8mwFiYXPKmj7MFZ95jrGRKt2W:cItfpRygjoR/HRh8m49fKm+5PD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 486640ad74e7126e71347f40581ed9be_JaffaCakes118
Files
486640ad74e7126e71347f40581ed9be_JaffaCakes118.exe windows:5 windows x86 arch:x86
56124d238d83cde42862840cdbb98225
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempPathW
lstrcmpiA
lstrcatW
SetLastError
GetSystemTimeAsFileTime
MultiByteToWideChar
UnmapViewOfFile
SetFileAttributesW
ExpandEnvironmentStringsW
CreateEventW
CreateThread
FindClose
GlobalLock
GetUserDefaultUILanguage
lstrlenA
CreateMutexW
DisconnectNamedPipe
SetEvent
HeapFree
CreateFileMappingW
FlushFileBuffers
SetThreadPriority
SetEndOfFile
HeapAlloc
CreateProcessW
GetModuleFileNameA
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileW
GetCommandLineA
user32
CloseWindowStation
GetMessageW
GetKeyState
GetDlgItem
Sections
.ihcboz Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.yxoh Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fqpex Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ