658a5ca62681dea5fd6b8434ddba8b25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

658a5ca62681dea5fd6b8434ddba8b25_JaffaCakes118
Size

187KB
MD5

658a5ca62681dea5fd6b8434ddba8b25
SHA1

e047a55258549e88ba63ad1e9b218e2a53ddd29b
SHA256

5b863ac9f8199390b43b565a9985965c25120c8c2b5c215a6221821627008918
SHA512

109c5a46ad1cfa2093b43aaa782f5faa2f9d0334a495c8a256a8c01ca5bf40ac0aecf706e0aba9af90627ac77fe508096ceb736d496f150ee39945f47a0307ee
SSDEEP

3072:cmTeXrDnCI5ZcBxjUYTP5HPa67gdRNNtnsy7ojPgoT4NTXVpnx6:cmSCI5ir4YTcntN0jooMTrn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
658a5ca62681dea5fd6b8434ddba8b25_JaffaCakes118

Files

658a5ca62681dea5fd6b8434ddba8b25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c80ef61a2841f3b0f421a47e5f7be16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessPriorityBoost
DeleteCriticalSection
TerminateThread
WriteFile
Sleep
CreateProcessW
GetModuleFileNameW
GlobalAlloc
ReadFile
EnumResourceTypesA
CreateFileW
GetModuleHandleW
GlobalLock
InterlockedIncrement
InterlockedDecrement
CreateEventW
GlobalUnlock

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
StringFromGUID2

imm32

ImmAssociateContext

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ