67e3b40775e83735ed8ec3fb97f0b495_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67e3b40775e83735ed8ec3fb97f0b495_JaffaCakes118
Size

199KB
MD5

67e3b40775e83735ed8ec3fb97f0b495
SHA1

db422f15c2a0ef9d81c70488a91b7404168febef
SHA256

ef823bdfc123084cc16e481d2775b016af5dd855860f4a951c7ff28f0cfd8f9b
SHA512

23c5cc05f65cfe5ae2ee16e3e5b100557adbc42d631ab24ab067bdc0d453c1ba470085156995f20dc8183437fc4271415e8a711d0c6f0a4e94a4600d22b26deb
SSDEEP

3072:YI5kfMhfc+QTMGRWaewwRrGnG2Dc+khcTulOcUXOE8ylnfWL:YI5kfl+exWz5NnhcClPUeAlf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67e3b40775e83735ed8ec3fb97f0b495_JaffaCakes118

Files

67e3b40775e83735ed8ec3fb97f0b495_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7cb4caf15f12167fc59efa12f8ea2bc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetDC
GetSystemMetrics
CharNextA

kernel32

DeleteFileW
lstrlenW
GetLastError
GetWindowsDirectoryA
GetThreadLocale
SetLastError
lstrcmpiW
RemoveDirectoryA
GetCommandLineW
GetModuleHandleA
GlobalFindAtomW
IsDebuggerPresent
GetCurrentProcess
SetCurrentDirectoryA
GetACP
GetDriveTypeA
GlobalFindAtomA
MulDiv
LoadLibraryW
GetModuleHandleW
GetCurrentThread
GetConsoleOutputCP
lstrlenA
Sleep
GetUserDefaultLangID
GetOEMCP
GetTickCount
GetVersion
GetCommandLineA
GetStartupInfoA
QueryPerformanceCounter
GetProcessHeap
VirtualAlloc
CopyFileA
DeleteFileA
GetCurrentThreadId
GetCurrentProcessId
lstrcmpiA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ