95225a67d12344c366c19fc3663debda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95225a67d12344c366c19fc3663debda_JaffaCakes118
Size

352KB
MD5

95225a67d12344c366c19fc3663debda
SHA1

9b2d962fab5de73bf099f4b7354c809ad2aaf0d6
SHA256

b11d12cfccfeea392131027292c710c10213fb82970c973830fe225e80623723
SHA512

7be9d975178adbab8f1b091b6b7c8148bfd52caaa2bc029fe94330d4d303e4fb91b792f743123b7100776ceb533c5387506704c888a3c6e444c5dbdc419cd065
SSDEEP

6144:THHvn7NE4gSk0qmG4dDmWHxBqgVJEuCgPRhEpPa8HiZigU0:TvRE4nk0u4oWHeg7wWRhEpP3QigU0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95225a67d12344c366c19fc3663debda_JaffaCakes118

Files

95225a67d12344c366c19fc3663debda_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af802001a2bacda04d5bf1014a5a035c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CreateEventW
HeapAlloc
GetCommandLineA
CloseHandle
SetFileAttributesW
ExpandEnvironmentStringsW
FlushFileBuffers
lstrlenA
CopyFileW
GetModuleHandleA
SetEvent
OpenProcess
GetUserDefaultUILanguage
EnterCriticalSection
SetThreadPriority
FindFirstFileW
GetTempPathW
GetDriveTypeW
GetCurrentThread
GetSystemTimeAsFileTime
DisconnectNamedPipe
SetLastError
lstrcatW
lstrcpynW
FindClose
MultiByteToWideChar
WriteFile
GetTimeZoneInformation
MoveFileExW

Sections

.japcl
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rcf
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zkvmx
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ