59cbde591de21246f4a1319cac8181ca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59cbde591de21246f4a1319cac8181ca_JaffaCakes118
Size

43KB
MD5

59cbde591de21246f4a1319cac8181ca
SHA1

aaf90e9bfc7bd8826b590cf35351eb80f5af3c7c
SHA256

6d438e3c1aad0f528f1cbeef7114e5bec17767d5eb37ae3cfb84c6c412ef814a
SHA512

bed7eea0d56376f3987faaa6a1aaba453b6db10317cc24b52e030b88cce9bb21e7a8d52ba7d0a1843dd1b100022e646eaee6eb31445f24328994ef30a3e7f3e0
SSDEEP

768:SwtmKyn7JByxv49fAMPCOWSk0A9GXTahqJWOJiQHcs3mu0RfV2Y04y68k:3xwdDk99Lh+WUiUPrm2Y9T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59cbde591de21246f4a1319cac8181ca_JaffaCakes118

Files

59cbde591de21246f4a1319cac8181ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29496b9d4109b186ccbbba1cb0ddbc66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
UnmapViewOfFile
FlushViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
Sleep
DeleteFileA
TerminateProcess
OpenProcess
WinExec
GetCurrentProcessId
CopyFileA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetModuleFileNameA

shlwapi

PathFileExistsA

msvcrt

_onexit
__dllonexit
time
sprintf
_mbsupr
strcat
_ltoa
strlen
atoi
_except_handler3
_mbsrchr
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 310B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ