71d3a0d0d33df1905f4002ea073b4946_JaffaCakes118 | Triage

Sharing

General

Target

71d3a0d0d33df1905f4002ea073b4946_JaffaCakes118
Size

617KB
MD5

71d3a0d0d33df1905f4002ea073b4946
SHA1

2bbbb9429c9fedce0c7c1388c987b2029f16405d
SHA256

8d8f283c1cac3077269d2a2475b518396bf2d46efe9bb351b696523f05aa6bea
SHA512

fefe5210ff46a2c03af948ce68f860e79ed1bfad1067bee6c309c1c4268d7af84bc3778c04cb4233045fc55cc64cc5bb473489db5d5a2f0b5c4716970d27419e
SSDEEP

12288:OeNaSVpogJ0x9vKV9t19QHKk7C026VUra+MnHpmoZH010CwvTd:OOKbvC97+J7hN+MnHIATd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d3a0d0d33df1905f4002ea073b4946_JaffaCakes118

Files

71d3a0d0d33df1905f4002ea073b4946_JaffaCakes118
.exe windows:5 windows x86 arch:x86

818f1fbcebdb7a5abf3dc7abeb6af66a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
lstrlenW
lstrcpyW
HeapFree
lstrcpynW
GetFullPathNameW
SetEnvironmentVariableW
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
GetEnvironmentVariableW
GetVersion
lstrcmpiW
FreeLibrary
LoadLibraryW

user32

wsprintfW
MessageBoxA

Exports

Exports

plstring_malloc
plstring_release
plstring_retain
plstring_wcsdup

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 62KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE