73b0159e7f2da656a9fc318e8987fb69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73b0159e7f2da656a9fc318e8987fb69_JaffaCakes118
Size

2.2MB
MD5

73b0159e7f2da656a9fc318e8987fb69
SHA1

be20b91e9c4d5ed0c7be9a5c571fd0bf23e32934
SHA256

974e872fa571bbcef041e26d9bd606309bba69216c7f350f5a145baab8217fc8
SHA512

c7bf5f6d6e8da2ecf5804255ebd47e32440ebe69fa68009eb7ec94cdc65e6794bd991b39a18d1c942fd63b317f16b59663f1ddcfc9f8d1700cbcfbc7adf4b870
SSDEEP

49152:Sy8k7JgaAvb3f3+eU2JDpA13hwBGz3QpAjg9OHP3d0XcVlgYw4w5H94hwEPifg:Sy8k7JgV3NF21xwY3eA89Ov3d0Xc8d4h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73b0159e7f2da656a9fc318e8987fb69_JaffaCakes118

Files

73b0159e7f2da656a9fc318e8987fb69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99b3efd38ae1009543e5455249697021

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentExPointA
SetICMProfileA
SetWindowOrgEx
GetClipRgn
DeleteColorSpace
ArcTo

kernel32

lstrcpyW
SetConsoleTitleA
GetFileSizeEx
SwitchToThread
SetCurrentDirectoryA
GetModuleHandleW
ExitProcess
AddAtomA
VirtualAlloc
Module32FirstW
GetCommandLineW
GlobalMemoryStatusEx
GetCurrentProcessId
CloseHandle

iashlpr

ShutdownIas
MemFreeIas
InitializeIas
FreeAttributes
MemAllocIas
AllocateAttributes
DoRequest

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 3.9MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 1024B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ