Static task: static1
Behavioral task: behavioral1
Sample: 84b350883656a8fa8e0a70a9d32131d8_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 84b350883656a8fa8e0a70a9d32131d8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 84b350883656a8fa8e0a70a9d32131d8_JaffaCakes118
Size: 174KB
MD5: 84b350883656a8fa8e0a70a9d32131d8
SHA1: c029735b207bcf23cc1cd5095c947c6ddfe806f3
SHA256: 86c6945de0ca2c06f4eda98016b3ae6d8e3e60d89be6c8925470398b5695d4c2
SHA512: a60af788592424a22c1e44eaabedd45f4e8ca6458f454e484a1f2239fc87d022f9c810e41f31b7442d62bd4e6a6ac5a934f1adefcc77ad6cb72aaa5b1d7b2fbc
SSDEEP: 3072:as71quzfQaEkWfMrdV+hgcnnzqhsMLX5R4q/jZHiUubthYI4Kqfugm:f7nTQ3jErdggcnzchX5Sx5hYlcgm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 84b350883656a8fa8e0a70a9d32131d8_JaffaCakes118
Files
84b350883656a8fa8e0a70a9d32131d8_JaffaCakes118.exe windows:4 windows x86 arch:x86
8eb77cb0555b854cfb279c00daaecf73
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellExecuteW
kernel32
ReplaceFileW
GetTickCount
IsDebuggerPresent
UnhandledExceptionFilter
GetProcessId
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
Sleep
EnumResourceTypesA
GetCurrentThreadId
TerminateProcess
ExitProcess
GetCurrentProcessId
GetStartupInfoW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetCurrentProcess
user32
EnumDisplaySettingsW
comctl32
InitCommonControlsEx
clusapi
CloseCluster
advapi32
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
Sections
.text Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 73KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ