62cf74bd4b6556174f6b4b781f38de37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62cf74bd4b6556174f6b4b781f38de37_JaffaCakes118
Size

527KB
MD5

62cf74bd4b6556174f6b4b781f38de37
SHA1

43bc15231bea2c6a533e3268d95e844175218556
SHA256

727e9bdcda868b5b1d7ab421ffdc60dff8c3bcb5929dc82a2abed5b1cd595e52
SHA512

67463331c803b25ea8bca7d83ec54c47507f83d7475c2aa3dda7ff20cb18f3e5ee73f40488243a05416df1d3babb887eb7197e83013d9acceb00fe56a8e7d54d
SSDEEP

12288:RhqEfMIj9hqXcH3ueUFj+Axj5ylCr8QXruYFfTU4S1YzFk:FN9hA2ueU5bnrhyYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62cf74bd4b6556174f6b4b781f38de37_JaffaCakes118

Files

62cf74bd4b6556174f6b4b781f38de37_JaffaCakes118
.exe windows:5 windows x86 arch:x86

455df9bc950047ae60f59beca1715dcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
EnterCriticalSection
ExpandEnvironmentStringsW
SetFileAttributesW
CreateThread
ReleaseMutex
SetLastError
GetCurrentThread
FlushFileBuffers
lstrcatW
GlobalLock
GetSystemTime
GetCommandLineA
OpenProcess
CreateEventW
lstrcmpiA
FindFirstFileW
lstrcpynW
SetFileTime
FindClose
SetEvent
CreateFileMappingW
WriteFile
HeapFree
GetDriveTypeW
SetEndOfFile
MoveFileExW
CopyFileW
UnmapViewOfFile
GetUserDefaultUILanguage
GetModuleHandleA

user32

GetDlgItemTextA

Sections

.qzyp
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wziz
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zun
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ