Static task
static1
Behavioral task
behavioral1
Sample
9561063e92de04f248aa3c341262bacd_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9561063e92de04f248aa3c341262bacd_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 9561063e92de04f248aa3c341262bacd_JaffaCakes118
Size: 523KB
MD5: 9561063e92de04f248aa3c341262bacd
SHA1: 43a043bc294396d6d256513e10423e3d17719d5a
SHA256: ea04cf8d4b2aea4736c99e4647f4ce5d364e8f7db8b76a1990a597ad868fdc48
SHA512: c79b6173ea70c7a51c765c6d241134da771ebe7282479833b8f40934d36c493e6fbdb4b035248861fa27366785c3afccc26565157eb13b939be4397d2e0950c7
SSDEEP: 12288:CPqHT1+rUXCTgVBFjjpc2rGiZEEoMyREb7a:CATZBBj9rGAEEo07a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9561063e92de04f248aa3c341262bacd_JaffaCakes118
Files
9561063e92de04f248aa3c341262bacd_JaffaCakes118.exe windows:5 windows x86 arch:x86
e0c3b6e36b48d900a8b17fac94756a96
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateThread
lstrcatW
SetEndOfFile
CreateMutexW
GlobalLock
CloseHandle
EnterCriticalSection
SetThreadPriority
CreateFileMappingW
GetModuleHandleA
FlushFileBuffers
lstrcpynW
SetFileTime
HeapAlloc
lstrcmpiA
GetDriveTypeW
SetFileAttributesW
FindFirstFileW
FindClose
ReleaseMutex
MoveFileExW
GetCommandLineA
WriteFile
CopyFileW
GetUserDefaultUILanguage
GetTempPathW
ExpandEnvironmentStringsW
GetCurrentThread
DisconnectNamedPipe
user32
DrawIcon
GetKeyState
SendMessageW
GetForegroundWindow
PeekMessageW
Sections
.cpsxep Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.zybun Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrml Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ