490cfc087b8111ad96909be06bed9cd2_JaffaCakes118 | Triage

Sharing

General

Target

490cfc087b8111ad96909be06bed9cd2_JaffaCakes118
Size

133KB
MD5

490cfc087b8111ad96909be06bed9cd2
SHA1

ca9361bf5689bbab08dc79629a473840aedab0ba
SHA256

843ce739eb9e17b22035bfb0a8c03606579927256a4ca91d87f26780638ba052
SHA512

34c09722b486e647960ec5fa23e1cc881666033c388b44f8e2c2abb81967ce58d45ce2fdff4b88618b4158cc8a6f540275d59fd40d96b36e9ca45eac5501df43
SSDEEP

3072:OIocqPrPC+lxHS9NdXhLdPdxALskz5uSOW23qdQ:JkTCYHqNdZdXAHSW23UQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
490cfc087b8111ad96909be06bed9cd2_JaffaCakes118

Files

490cfc087b8111ad96909be06bed9cd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

812c27df5aa353fe5098542519bb9907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE