Static task: static1
Behavioral task: behavioral1
Sample: 86afa4df5c8e62cd316804c37be99c45_JaffaCakes118.exe
Resource: win7-20240705-en
General
Target: 86afa4df5c8e62cd316804c37be99c45_JaffaCakes118
Size: 856KB
MD5: 86afa4df5c8e62cd316804c37be99c45
SHA1: bf5f26afe621b4a1c29de2e8037ca80999249f38
SHA256: 692997173b3aa51c3a2468a61e0f75deda5882ffd86a324a0f2ba822717a3d3d
SHA512: 74bbd1ebc9ad3859d01ba2e802d8c759c0eb86a0d4a46bba2cc854251daf04396740fa9208b4ec58b8a2bf9ec6eae0bdd10a826c731bf2286442a18255447685
SSDEEP: 24576:cF4JuV++J++++YdtLQFFFFw54darCh3JFJNayzxwSagbf:5uV++J++++YdtLd54/h3nDvxfbf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 86afa4df5c8e62cd316804c37be99c45_JaffaCakes118
Files
86afa4df5c8e62cd316804c37be99c45_JaffaCakes118.exe windows:4 windows x86 arch:x86
19e6c1d49a6ea20707d517f5e2b335eb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
_initterm
_wcsnicmp
asin
wcscspn
wcschr
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
??2@YAPAXI@Z
kernel32
GetUserDefaultLCID
TlsFree
TlsAlloc
GetModuleFileNameA
MultiByteToWideChar
GetModuleFileNameA
GetModuleHandleA
lstrlenW
WideCharToMultiByte
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
GetCurrentProcessId
LoadLibraryExA
CompareStringW
ddraw
DirectDrawCreateEx
DirectDrawCreate
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 191KB - Virtual size: 191KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ