6276734470666459b237449462e9c332_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6276734470666459b237449462e9c332_JaffaCakes118
Size

43KB
MD5

6276734470666459b237449462e9c332
SHA1

fe5325d2474387a98dbbb8eafd3fa5119c4a5e53
SHA256

d84a29f305af3184606cc86aed251e76c0a3e1c62757def70933072d21f3833d
SHA512

d4e804801252a9ba76b224036bb23868f6253a8cd8cf36997a1b0d1c6152a1722cf80d1815bda49180b50450cc67991da819b52dbd5202989f13f42df90a3f62
SSDEEP

768:h7LPSUlSCfCAm9bqaKjpt1MM6Y1uXxzzfDooBk6/rN664Ynch/2aXl+:5SUlSCqAObq9paNBfDooBR/cYncx1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6276734470666459b237449462e9c332_JaffaCakes118

Files

6276734470666459b237449462e9c332_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0e013220ae41395571adc9b1078c34bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
FlushFileBuffers
FindFirstFileW
GetUserDefaultUILanguage
CreateFileMappingW
CopyFileW
GetCommandLineA
SetThreadPriority
DisconnectNamedPipe
GetSystemTimeAsFileTime
FindClose
GetCurrentThread
CloseHandle
GetTimeZoneInformation
GetTempPathW
WriteFile
CreateEventW
CreateMutexW
GetDriveTypeW
OpenProcess
lstrcpynW
EnterCriticalSection
lstrcmpiA
CreateThread
GlobalLock
SetLastError
GetModuleHandleA
MultiByteToWideChar
CreateProcessW
SetEvent

user32

CharLowerBuffA
GetWindowLongW

Sections

.czsxur
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xutkb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hezoh
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ