60f223b205ed1d36d6ca72d8dc7fbe2d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60f223b205ed1d36d6ca72d8dc7fbe2d_JaffaCakes118
Size

30KB
MD5

60f223b205ed1d36d6ca72d8dc7fbe2d
SHA1

b3496c727a836a2fdb75f5f4c3d0becf05bca5ad
SHA256

25c92c76c9ae34190e592c1015e4e907ac5ab6ca241c3c72f763fba4e23a47d9
SHA512

f05581cd56e5844d9006605b6f373e4f5dc0366617cc44b8cab8d759a81b00b8252fc2df2b55a6738232d0bd3d74d95b7cf8faff68f72d97f92f9d8b2ee00579
SSDEEP

768://7oQm26mPtWoEL2y8L6y2nJ0OmJNhCirF:/kWZPtWnL2yS6bnEIIF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60f223b205ed1d36d6ca72d8dc7fbe2d_JaffaCakes118

Files

60f223b205ed1d36d6ca72d8dc7fbe2d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1c12e260d4685a7cf5ed7fd151f4a64f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

CreateFileA
SetUnhandledExceptionFilter
GetLastError
Sleep
GetTimeZoneInformation
WideCharToMultiByte
GetSystemTime
GetVersion
CloseHandle
CreateDirectoryA
GetLocalTime
GetVersionExA
OpenProcess
MultiByteToWideChar
CreateProcessA
TerminateProcess
SetLastError
CompareStringA
ExitProcess
LocalFree
FormatMessageA
ReadFile
IsDebuggerPresent
VirtualAlloc
GetModuleHandleA
UnhandledExceptionFilter
GetCurrentProcess

user32

wsprintfA
MessageBoxA
SetTimer
TranslateMessage
GetMessageA
KillTimer

oleaut32

SysAllocStringByteLen
SysStringLen
SysStringByteLen
SysAllocStringLen
SysFreeString
SysAllocString

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ