67de0649ea3a098750b4642d1129b80a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67de0649ea3a098750b4642d1129b80a_JaffaCakes118
Size

181KB
MD5

67de0649ea3a098750b4642d1129b80a
SHA1

9869abfeff146622f503915a621e7a6885f38692
SHA256

4ea0a58876a02844e45fcb04c17fcd1c13837e55a206e5342d6f34cbcb806b5c
SHA512

0c494244f715bfac6015227820f24361b937956a970763220d64df5623f6e4c7696d0ca5725193535eef0f9bacb3e141d7ceaf3cfe5be98bc4858c0938afecbf
SSDEEP

3072:EuGFvb+7E4mSxvYbrv+DnvUCTCx0q7gaEZ8chvYdLLsF5PsnHW4z28Cl43Xx1tNv:nGR0Bn1YevUkC37G6cpwpnHWu2n43XxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67de0649ea3a098750b4642d1129b80a_JaffaCakes118

Files

67de0649ea3a098750b4642d1129b80a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c40a34eb23d7ae825cdab976d9ff54c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadResource
FileTimeToLocalFileTime
GetVDMCurrentDirectories
GetStringTypeW
LocalFileTimeToFileTime
FreeLibrary
SetThreadPriorityBoost
SetEnvironmentVariableW
FindNextFileW
HeapCreate
EnumResourceNamesW
GetShortPathNameW
SetErrorMode
SetCurrentDirectoryW
FileTimeToSystemTime
FindResourceW
RegisterWaitForSingleObject
CompareStringA
FindFirstFileW
SystemTimeToFileTime
GetLocalTime
FindClose
SearchPathW

user32

SetCapture
InvalidateRgn
GetCapture
ExcludeUpdateRgn
ValidateRgn
ValidateRect
ReleaseCapture
GetWindowInfo
GetUpdateRgn

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ