67496ba59692f3893d8303fdfaa4ae94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67496ba59692f3893d8303fdfaa4ae94_JaffaCakes118
Size

337KB
MD5

67496ba59692f3893d8303fdfaa4ae94
SHA1

7c188a41cc15f715f4a08c2e719eb2e70b8aa5a8
SHA256

d0d002b5eba6ada4ff6dd5ab47d1b5baf773b8864644409bfbd5a5f194181c49
SHA512

613bf748b2da8a4d90432e6ea80c0fb25bc1e599c0045e1e5bd16583195a3caa08ce5bffa0913b00e85cdd6ef144059c9933fcbc964f927b421d26ecc416b41f
SSDEEP

6144:GJbqUAJfLZ6F8Yw0NWxY+v99c5GXbNH1sa+M044VqiTdE:GJbqUAJfjgE85GXbIaZPmE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67496ba59692f3893d8303fdfaa4ae94_JaffaCakes118

Files

67496ba59692f3893d8303fdfaa4ae94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2af9da278bff160adb5047058bcbd41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
CreateFileA
WriteConsoleW
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
RtlUnwind
LoadLibraryW
InterlockedExchange
LCMapStringW
LCMapStringA
WriteFile
GetOEMCP
GetACP
GetCPInfo

msvcrt

_iob
_initterm
pow
fprintf
sinh
?terminate@@YAXXZ
free
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

avifil32

AVIBuildFilter

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegCloseKey
RegCreateKeyExW

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ