85e6abf09c7fb1208362d2c640c8785d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85e6abf09c7fb1208362d2c640c8785d_JaffaCakes118
Size

188KB
MD5

85e6abf09c7fb1208362d2c640c8785d
SHA1

114de89821e6156590e13f9a0293f85e86460e38
SHA256

08944a4d8b7518d95ab9b4b0d8750051f18de8ca01b95d4123ea99718b9a7fc7
SHA512

b4b8b67bd104682f59612165691b4e46370041024a87abbe803533e55f05ed62ee8079f56caa32b58ed7d15c951bff08e64a02ae875aca9dd37af54c1f37bb21
SSDEEP

3072:3bmpLPkSgxxo3O1zILx7tXglXov2l+6QEIB:3bmZTQof7uXU2lU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85e6abf09c7fb1208362d2c640c8785d_JaffaCakes118

Files

85e6abf09c7fb1208362d2c640c8785d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a4c72cfe85b847fcf6cb8e8e7c0fb56c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
_mbscoll
fopen
_daylight
_amsg_exit
__p__fmode
_wpgmptr
_strset
_XcptFilter
_except_handler3
wcscmp
_mbccpy
_fstat64
_locking
_getdrives
_adjust_fdiv
_clearfp
_purecall
_exit
exit
__p__commode
sqrt
_controlfp
__setusermatherr
_ultoa
_inp
__getmainargs
_initterm
_adj_fdiv_r
__set_app_type
_acmdln
_wperror

kernel32

WriteFile
LocalFree
GetModuleHandleA
GetTickCount
InterlockedExchange
PulseEvent
SetEndOfFile
GetVersionExA
LoadLibraryA
GetTimeFormatA
GetConsoleOutputCP
GetACP
SizeofResource
TlsAlloc
GetStdHandle
WriteConsoleW
GetNumberFormatA
lstrlenA
GlobalReAlloc
EnterCriticalSection
SetEvent
GetFileAttributesA
FindClose
HeapFree
SetPriorityClass
SetLastError
GetStartupInfoA
SetHandleCount

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ