Static task
static1
Behavioral task
behavioral1
Sample
71b3f5c1bbde56e61d6eacba89461b97_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
71b3f5c1bbde56e61d6eacba89461b97_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
71b3f5c1bbde56e61d6eacba89461b97_JaffaCakes118
-
Size
359KB
-
MD5
71b3f5c1bbde56e61d6eacba89461b97
-
SHA1
bb1b8902f6cac8e44f6c747d778b081ecf074a19
-
SHA256
e7a15ce37528c57fbf26ac2a139e51f9553df49b6b5064a4e1d5ac0a6c53e80d
-
SHA512
762f31090600d65dfec353ee0682c1899b5bac46d7e4217413f53b11e262f09bd9165b9a987d7378642b65ee683dd476d83bf3ccaed0c17afdcec1799798f564
-
SSDEEP
6144:eoyoMGGGGGGGGGGbGGGGGGGGGG6GG/DGXxeXJE85PmWyVcjUkdHbIIAkSGTbDoY:2KHjlhFTnT
Malware Config
Signatures
-
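Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The sample carries none, so its publisher and integrity cannot be confirmed from a signature; on its own this is a weak indicator, since many benign binaries are also unsigned.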
resource 71b3f5c1bbde56e61d6eacba89461b97_JaffaCakes118
Files
-
71b3f5c1bbde56e61d6eacba89461b97_JaffaCakes118.exe windows:4 windows x86 arch:x86
4722b51a2f970a92a6464080a23d0869
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
Sleep
GetTickCount
LockResource
GetModuleHandleA
SizeofResource
FindResourceA
CreateMutexA
OpenMutexA
LoadResource
GetProcAddress
GetStartupInfoA
advapi32
GetUserNameA
msvcrt
_except_handler3
malloc
exit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strstr
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 852B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 292B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 353KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ