833078ff273b21caa0fbffaf5b9932bd_JaffaCakes118 | Triage

Sharing

General

Target

833078ff273b21caa0fbffaf5b9932bd_JaffaCakes118
Size

60KB
MD5

833078ff273b21caa0fbffaf5b9932bd
SHA1

0e95634811fa0606f5697ca140e7693b4481dd85
SHA256

c9b82eb944c443c0fc15934a2f8e68357c9577ef61b5dcbb3ca95e80e94cdce0
SHA512

6d287bccf187236e7200770857d7527e1c787beadca5f6455d79102a4cf70fa64f81bf3383eb503da8c17fe9eab98d0ccb4a0641fbc0f7b81ee7322ec6d46a76
SSDEEP

384:SQ3w2eFSi1UZUmtgAAFQyNWGTu/QmZ1NO16:SnF3UttgAAFQyNWx/jl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
833078ff273b21caa0fbffaf5b9932bd_JaffaCakes118

Files

833078ff273b21caa0fbffaf5b9932bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92a5994d8715d0ef07bddfcc8bdd3cf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
LCMapStringW
GetEnvironmentVariableA
HeapAlloc
SetMailslotInfo
GetModuleHandleA
GetStartupInfoA

user32

GetQueueStatus
LoadBitmapA

ole32

CoInitialize

msvcrt

_adjust_fdiv
_exit
_XcptFilter
exit
__getmainargs
_initterm
__setusermatherr
_acmdln
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oihmljc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ffqvqui
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nbbafyw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE