857d798eee7a62974ec486ff87c23764_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

857d798eee7a62974ec486ff87c23764_JaffaCakes118
Size

153KB
MD5

857d798eee7a62974ec486ff87c23764
SHA1

7a2c41ab6a93f00f4ada81067c7c304b74664729
SHA256

c9052ccfa0369335b7222a23315268fc9b29a362e806e6a04b2e96e450a65962
SHA512

148430528d7f7b77109ca04c6e8f39f55dbe00558d457ac41317a7c0afdc366572a933150716aff67ff6502d7b2bdaafaa12981980f7dad34ec3f2f488a35be5
SSDEEP

3072:+bVMFFAVC3YfWcZE0xtHVo0zmaVsxEJUiGV94ifmH1uizcj2QengyNNEAk:+5ZnWclXXmaVsx6ujOYio23NNy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
857d798eee7a62974ec486ff87c23764_JaffaCakes118

Files

857d798eee7a62974ec486ff87c23764_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c7dc0c7b6459cb914e376481ec42d11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetNextVDMCommand
SystemTimeToFileTime
SetCurrentDirectoryW
LoadResource
SetThreadPriority
FindResourceW
FileTimeToSystemTime
LocalFileTimeToFileTime
EnumResourceNamesW
FindFirstFileW
GetStringTypeW
GetLocalTime
FindClose
FreeLibrary
SetEnvironmentVariableW
RegisterWaitForSingleObject
GetShortPathNameW
FindNextFileW
CompareStringA
SearchPathW

user32

GetWindowInfo
InvalidateRgn
ReleaseCapture
ValidateRgn
GetCapture
ExcludeUpdateRgn
ValidateRect
SetCapture
GetUpdateRgn

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ