62b1eb511842bf4b1420a44c5b9eb9d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62b1eb511842bf4b1420a44c5b9eb9d3_JaffaCakes118
Size

32KB
MD5

62b1eb511842bf4b1420a44c5b9eb9d3
SHA1

6e09a6f2ae822d2219401fbb096fffc5eb4b75d3
SHA256

fb0b0b6ee074a604adc6326ab3ae80fd681c034e3e55c54f15c1a0e0280c7128
SHA512

129d9f83e31213a7f4863aca81dba376d6cfc0455ada5fe34fc627d8f44ed8a2b702ec8de1636dfa8d09321b4b0d2c1052567b7e61ca1b7ed908bdd509645d95
SSDEEP

384:ar24SzcM1uwQuLWnf60NipKLSEeCLWmyzBesbZl:ar2PzcLwcfxyKLrLWmy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62b1eb511842bf4b1420a44c5b9eb9d3_JaffaCakes118

Files

62b1eb511842bf4b1420a44c5b9eb9d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f89359e59cec85c1df9471639c9ee64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
IsBadReadPtr
SetStdHandle
TlsSetValue
GetFileSize
GetStartupInfoA
DeleteFileA
ResetEvent
InterlockedIncrement
Sleep
GetLastError
TlsFree
TlsGetValue
CloseHandle
CreateFileA
QueryPerformanceCounter
SetEvent
TlsAlloc
CreateMutexA
GetStdHandle
CreateEventA
lstrcmpiA
WaitForMultipleObjects
ExitProcess
LocalFree
FormatMessageA
GetModuleHandleA
ReadFile
VirtualAlloc

user32

TranslateMessage
CreateWindowExA
GetMessageA
GetSystemMetrics
wsprintfA
MessageBoxA
EnableWindow

oleaut32

VariantInit
VariantCopy
VariantChangeType
VarUI4FromStr
VariantClear

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ