850db1175f036565f0e14fc85cac7af2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

850db1175f036565f0e14fc85cac7af2_JaffaCakes118
Size

154KB
MD5

850db1175f036565f0e14fc85cac7af2
SHA1

1ab0e579761f0ee6a6c0203de49fce4a364708b4
SHA256

516a023a24a2db42be916e7c56f6cfb054669070220fcfd12be567b919671c90
SHA512

99463022ea40e557c244f99709528b8703c9db8e64997f71ca4856b683223f4a2a1c9a58df6e7d12984de410ad6e9b02ce927982060c2272283737c8c5cf09e5
SSDEEP

768:TO+nMW+XcV5DlytIg9x9+N05hJ1f2irl65WOyXf5nR:qX5Xwp4++9k05t20l65VcR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
850db1175f036565f0e14fc85cac7af2_JaffaCakes118

Files

850db1175f036565f0e14fc85cac7af2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a39b2f15162bf8f010522cd31e9fc77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
DeleteFileA
lstrcatA
GetSystemDirectoryA
FlushFileBuffers
SetStdHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
GetLastError
SetConsoleCtrlHandler
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
CloseHandle

urlmon

URLDownloadToFileA

Sections

code
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE