Static task: static1
Behavioral task: behavioral1
Sample: 69f8f7d99c27656341c30842318a9a01_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 69f8f7d99c27656341c30842318a9a01_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 69f8f7d99c27656341c30842318a9a01_JaffaCakes118
Size: 353KB
MD5: 69f8f7d99c27656341c30842318a9a01
SHA1: 3eb01d9b7db202250c8a1fdb45d7688cb85e37c8
SHA256: 5886ab700a92ed28d8f57c8786f94cd37bd33e5b5af063672a3da6f8f87f61c7
SHA512: 481d0685a4c634c29fbbab21450be131e429d8166b1218d3fee41e69e1aec2d11119ea8cdf1e0b85a875084b1def2777e743a122c0960d0495587734429a84e8
SSDEEP: 6144:15himhA+/KT6qHl5+ZXzDZi/JKvpN89E+4v29xWu7UOkqKklzPmSk5viPD2fPGo:v+ovCQDVeI29EfveWudKkMwL23
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 69f8f7d99c27656341c30842318a9a01_JaffaCakes118
Files
69f8f7d99c27656341c30842318a9a01_JaffaCakes118.exe windows:4 windows x86 arch:x86
05117652f2b5ae50f823149af28a051e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
SetErrorMode
CreateMailslotW
EnumCalendarInfoExW
FreeLibrary
LoadLibraryA
IsBadCodePtr
UnhandledExceptionFilter
GetEnvironmentStrings
GlobalFlags
GetWindowsDirectoryA
VirtualQuery
SetHandleCount
LCMapStringA
GetModuleHandleA
GetTickCount
InterlockedExchange
LocalFree
InterlockedDecrement
LocalAlloc
GetThreadPriority
GetCurrentThreadId
LockResource
GetVersion
CloseHandle
oleaut32
LPSAFEARRAY_UserFree
CreateErrorInfo
VarUI1FromUI8
GetErrorInfo
SetErrorInfo
VariantInit
SysFreeString
userenv
RegisterGPNotification
UnregisterGPNotification
Sections
.text Size: 227KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE