75577b0fcd74f7462240995f7cc326ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75577b0fcd74f7462240995f7cc326ba_JaffaCakes118
Size

130KB
MD5

75577b0fcd74f7462240995f7cc326ba
SHA1

ac1528bd9ebc33b96b4285102222a5d7173c8737
SHA256

62f48738d0ed227628f8672dc08ec7f40c47bf6729d88e8886e9754fb59bbdb9
SHA512

0aded4775df0d200f6f45543f8310e7d32539aff126eae482bfb3a6367eb8f601122a3e78befc080cb42265227ac42f60b25de2ecf25ccb77ce076ef9f4c8afb
SSDEEP

3072:9ZnwYfabv1hdZc4mJ/hEAsPMk/u2q/rAbBKw4DaTIrhL:9Fmz1hdZc4mphE5PHu2q/rOBK/wIF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75577b0fcd74f7462240995f7cc326ba_JaffaCakes118

Files

75577b0fcd74f7462240995f7cc326ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79ec0bd2795e4c834c2d3d8bc63ca364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommBreak
CreateMutexA
GetStartupInfoA
GetExitCodeProcess
ClearCommBreak
CreateProcessW
EnumResourceNamesW
ReleaseMutex
ExitProcess
ExitProcess
QueryPerformanceCounter
CreateFileMappingA
MapViewOfFile

rpcrt4

RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA

user32

CharNextA
SetTimer
PostThreadMessageA
CharUpperA
GetMessageA
KillTimer
PeekMessageA
LoadStringA

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ