703998f584529876b521dd8ea27cbed9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

703998f584529876b521dd8ea27cbed9_JaffaCakes118
Size

952KB
MD5

703998f584529876b521dd8ea27cbed9
SHA1

69d8db2c0b508f3c5aab98dcf1b6b5f0871b2f02
SHA256

ea3580ea1d883d82bd55e06353ae9e7bbdb68a39d592333fda08b5fe24dd3fbe
SHA512

3a9cf37a3fdeec916d6e74848f9a5cd7d63537cff934ed926e063c6b18e07ec8babc9322e89eec58f0ac777c0d36ca38f4d1ea57faa7a0e466958d5431917934
SSDEEP

24576:ZZk0QlG4tnTGQgLKalUXBqgQOZpBv1DjqEUtGmK0Dmm31ZxPM:mlG4tnTZQlUXdbbKemCm5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
703998f584529876b521dd8ea27cbed9_JaffaCakes118

Files

703998f584529876b521dd8ea27cbed9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e301c1daf6d287a78f1b2b13dc702b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
SizeofResource
LockResource
LoadResource
ExitProcess
FindResourceW
GetEnvironmentVariableW
CloseHandle
WriteFile
CreateFileW
GetModuleFileNameA
SetFilePointer
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
MultiByteToWideChar
CreateDirectoryW
GetFileAttributesW
SetFileTime
GetModuleHandleW
GetStartupInfoW

user32

wsprintfW

shell32

ShellExecuteW

msvcrt

_XcptFilter
??2@YAPAXI@Z
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
_CxxThrowException
wcscat
sprintf
calloc
free
malloc
wcslen
wcscpy
wcsstr
_exit
??0exception@@QAE@ABQBD@Z
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 989KB - Virtual size: 989KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ