67317ca94dbf1310c4466ea411463329_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67317ca94dbf1310c4466ea411463329_JaffaCakes118
Size

312KB
MD5

67317ca94dbf1310c4466ea411463329
SHA1

387987a3640fdfba4b14b6302f4637b1b8298ca0
SHA256

e8afbae518340d1b48bde5a0c2dd96aa9f7280faa00fa4de0130648f89aac546
SHA512

d35bd3a0e0ac344a037df4e21beb900b94532b156bd0d8519154fb73871605d3c6276621da3f92ed1ae73c8673774afa739c82a1926ca46640559f586819e58a
SSDEEP

6144:pcHi5U3Y96SKM0iDYtiH1+zfsDQNb7CS/eoUQyILSAaZqt8l3rvNr:qiS3Y96SKpi9H1RDQNi0JpRaZqt8Jrl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67317ca94dbf1310c4466ea411463329_JaffaCakes118

Files

67317ca94dbf1310c4466ea411463329_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff233d4c1b92cf8bdea6382f71d9e109

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_decode_pointer
_onexit
_invoke_watson
_controlfp_s
_lock
__dllonexit
_unlock
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_except_handler4_common
memset

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
OpenMutexA
CreateMutexA
GetModuleFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ