74401bb3e2fbaf02fd24483d904e36e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74401bb3e2fbaf02fd24483d904e36e8_JaffaCakes118
Size

193KB
MD5

74401bb3e2fbaf02fd24483d904e36e8
SHA1

d89eb454ed8a81d0ff3d880a1baf3302a6b1e789
SHA256

098ef5f93985b234906a69d83c6339792dcd262c9c57cd4eb2f843bbea77ea83
SHA512

1a3195eb3a8e1d68b61141370eb939ae02c08b3c8b9182924b1dd70224fb9ca3b4923f28dcabdbaec975d7c43a649e169afcb6461285a62cb0b358d594dd4413
SSDEEP

3072:S4GDvc7M/BXLNz3rqZ8n+lrezEgbFsEK4TZLIWUmPU:oD5NP+FevSEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74401bb3e2fbaf02fd24483d904e36e8_JaffaCakes118

Files

74401bb3e2fbaf02fd24483d904e36e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1c3b8a7e9b5a35511cd11008ad604d20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
CopyFileA
GetWindowsDirectoryA
GetModuleHandleW
GetCommandLineA
RemoveDirectoryA
GetModuleHandleA
GlobalFindAtomW
lstrcmpiW
GetLastError
GetACP
IsDebuggerPresent
lstrlenW
Sleep
GetCurrentThreadId
DeleteFileA
GetProcessHeap
GetVersion
GetStartupInfoA
GetThreadLocale
GetCurrentThread
DeleteFileW
GlobalFindAtomA
SetLastError
GetUserDefaultLangID
lstrcmpiA
GetOEMCP
lstrcmpA
GetCurrentProcessId
GetCurrentProcess
MulDiv
lstrlenA
QueryPerformanceCounter
LoadLibraryW
GetTickCount
GetCommandLineW
SetCurrentDirectoryA
GetConsoleOutputCP
VirtualAlloc

user32

CharNextA
GetDesktopWindow
GetDC
GetSystemMetrics

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ