70a67a5abd2f7bac47c2b008047ec878_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70a67a5abd2f7bac47c2b008047ec878_JaffaCakes118
Size

136KB
MD5

70a67a5abd2f7bac47c2b008047ec878
SHA1

123599b9a6f15656c1782e4ad922b0d07fd1cb03
SHA256

184187fc2e3242964e2b4a9f88f9d72afcbb285fda9ff1b36500eb3e94a8959f
SHA512

049e4ee90b00f8c70c269c065170bfa79ff9cdb621f194a3945dd0cc504a4ed70d7df9115559626d97b3b583109c3b9b50e702c5f69274168f143b8cced0ae5e
SSDEEP

3072:9TM0CSQ4a/UWMtwomahDDPyOqD/9cO08YQVQNJkyAZ14sf0Ky:pM7nJD4wnaVIb9cV8QDky44sMKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70a67a5abd2f7bac47c2b008047ec878_JaffaCakes118

Files

70a67a5abd2f7bac47c2b008047ec878_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4cfbeda8b80f49adab97033a56702e7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
TerminateThread
QueryPerformanceCounter
UnhandledExceptionFilter
CreateIoCompletionPort
SetUnhandledExceptionFilter
GetStartupInfoW
GetTickCount
EnumResourceNamesW
IsDebuggerPresent
GetCurrentThreadId
InterlockedExchange
GetCurrentProcessId
ExitProcess
Sleep
TerminateProcess
InterlockedCompareExchange
GetCurrentProcess

comctl32

InitCommonControlsEx

user32

EnumDisplaySettingsW

clusapi

CloseCluster

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ