4c3dca88fd4ee885061f2593f212836c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c3dca88fd4ee885061f2593f212836c_JaffaCakes118
Size

368KB
MD5

4c3dca88fd4ee885061f2593f212836c
SHA1

75f0f6f0089621a8b39f4da5c963d08c8365c98c
SHA256

c2e8bb89569c75197a44d1d7d757399bcf72c3de1c16ac18cfd648887b0763e6
SHA512

0902ac6590758ef4ab85b35d9724e74765de441869aa3624744836d4833dcf2b05e894a1470d823fbdb580b2830e40da2a57b6b18bf4c6dcd76b83217de4bc26
SSDEEP

6144:CWkL/VLBHilCBVf9JIKLdVqPwqalrBn3Y2JWsbUPug4B8JDsa0EkY3NWo:CWkLtlCgBGpPwqqRY25FIDH0EXp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c3dca88fd4ee885061f2593f212836c_JaffaCakes118

Files

4c3dca88fd4ee885061f2593f212836c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d5f2d2c389f2de7824db91905af138c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CloseHandle
GetStartupInfoA
GetTempPathA
GetThreadPriority
GetCurrentThread
GetLastError
GetProcAddress
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
SetEnvironmentVariableA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
SetFilePointer
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
FlushFileBuffers

user32

GetMenu

shlwapi

PathIsSameRootA
PathAddBackslashA
PathFindFileNameA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ