672b655a320b9cbf57f955a689cb1dd7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

672b655a320b9cbf57f955a689cb1dd7_JaffaCakes118
Size

166KB
MD5

672b655a320b9cbf57f955a689cb1dd7
SHA1

f71d02f646d535a0806165728db92b01c74ac9c1
SHA256

4865f793ed049c636ebe3c694ca7ffeec0c5bfe697c65bac10e16eb806284000
SHA512

dc92ba0e7d531bba0933bd9d66c2d3ce2843de1f4d31fbe9335107cfc04c689d4172c40d1dd95c3e6d98ac835f5dd6c4fd15690373e8007640689f3e40e015b8
SSDEEP

3072:e4RKoiWi9A2/7qMTMnjexWsZxgK1sTCOJOe4h5dRwE1nhYIOTXGxVIhHhvqLmLF8:nRKH9AolgjexzDgKiTCOJ74dd1KXya9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
672b655a320b9cbf57f955a689cb1dd7_JaffaCakes118

Files

672b655a320b9cbf57f955a689cb1dd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df06b9e4d6503821667e8b7f5a9bed16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CompareStringA
GetNextVDMCommand
LocalFileTimeToFileTime
LoadResource
FreeLibrary
SetThreadPriority
SetCurrentDirectoryW
SetErrorMode
FileTimeToSystemTime
GetStringTypeW
GetLocalTime
FindResourceW
SetEnvironmentVariableW
EnumResourceNamesW
FindFirstFileW
FindClose
RegisterWaitForSingleObject
FileTimeToLocalFileTime
SystemTimeToFileTime
GetShortPathNameW
FindNextFileW
SearchPathW

user32

GetCapture
InvalidateRgn
ExcludeUpdateRgn
ValidateRgn
ValidateRect
RealGetWindowClassA
ReleaseCapture
SetCapture
GetUpdateRgn

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ