82f242ea8ecbe5f0741199d63c812155_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82f242ea8ecbe5f0741199d63c812155_JaffaCakes118
Size

3.7MB
MD5

82f242ea8ecbe5f0741199d63c812155
SHA1

35b6221bd7c4304b0990ff4973d73ea5fbd1e8ba
SHA256

9c9e385e4ba647c9abbaad001165aa8a0f05084529215b1fae51833326b07530
SHA512

dbf06b0b35d63f5677cac0f61262f7f805f9f37e88ff4fc7e2e110695bf61b942c55421426c534df5e4375be3e299d72020780497c46923b5b13be4bd10b7588
SSDEEP

98304:S3Rk1Ilz2Q/oGB/d6fyeSZZI2+nxudOlDCUHQdJyl3J28ZS4htySG0G:clz+cd727us6DylMcSOAJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82f242ea8ecbe5f0741199d63c812155_JaffaCakes118

Files

82f242ea8ecbe5f0741199d63c812155_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a295dbce9fa2b9e26778097e8cb93f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetSystemInfo
GetStringTypeW
GetFileSize
LoadLibraryA
TlsSetValue
CloseHandle
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
WideCharToMultiByte
VirtualFree
FindResourceA
DeleteCriticalSection
HeapCreate
LocalAlloc
TlsGetValue
GetCurrentProcess
LocalFree
FreeLibrary

Sections

.text
Size: 742KB - Virtual size: 741KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ