85d5dd46ff0f16eb6a6717fb66bcbf15_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85d5dd46ff0f16eb6a6717fb66bcbf15_JaffaCakes118
Size

205KB
MD5

85d5dd46ff0f16eb6a6717fb66bcbf15
SHA1

79f53b62927b64f498180bb99e947a9dcf0b303b
SHA256

52722d9785613c09bc6c78cf92b26a6e8e0923074e282119fec11644b417a2fd
SHA512

21b1b2be0c5eb1ee51a0b8a07eb250fb1c348c8046c975aab2ee67d56820d8a398c5d6c4078f3fdab235ea7cbc5fb209ac84b7f92516eee933af65434476f802
SSDEEP

3072:PruWAgqck94J9b1zrDf1XAqueOI43c/9gVcWNq0YN8qSGY6T7l0ROMB3:zuWPqF4tnfxrKq0YN8q26T76h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d5dd46ff0f16eb6a6717fb66bcbf15_JaffaCakes118

Files

85d5dd46ff0f16eb6a6717fb66bcbf15_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0cfb1f5cb877cd0b70cc9c19d8c54acf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CharNextA
GetSystemMetrics
GetDesktopWindow

kernel32

GetThreadLocale
RemoveDirectoryA
GetCurrentProcess
GetWindowsDirectoryA
GetCommandLineA
lstrcmpiA
GetConsoleOutputCP
QueryPerformanceCounter
GetOEMCP
GetACP
GetCurrentProcessId
SetLastError
DeleteFileA
CopyFileA
IsDebuggerPresent
GetCurrentThreadId
GetStartupInfoA
GetModuleHandleA
lstrcmpA
GetProcessHeap
GetLastError
DeleteFileW
GetCurrentThread
VirtualAlloc
LoadLibraryW
GlobalFindAtomW
GetVersion
Sleep
GlobalFindAtomA
GetCommandLineW
lstrcmpiW
MulDiv
SetCurrentDirectoryA
lstrlenW
GetUserDefaultLangID
lstrlenA
GetTickCount
GetModuleHandleW
GetDriveTypeA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ