96f3a737371441f56262ca54badaac76_JaffaCakes118 | Triage

Sharing

General

Target

96f3a737371441f56262ca54badaac76_JaffaCakes118
Size

208KB
MD5

96f3a737371441f56262ca54badaac76
SHA1

5364fe3c28308d142714277ad1206c5b12d7e79b
SHA256

14590bb13a9783cb8d85f62ff7822888c31d940ad6d353547aa9432df6ee03ee
SHA512

3444ae01c03cfb791b60988f585028503285fbe04fb999f4469f7f3b2054658f61e88b74925a331dd3c55d7f154e031779ffc18261953db21f9d9179945be5d8
SSDEEP

6144:rp+p7xpy7fdijjpE1MUmVFBPzTQ/L/qE:6tYMDc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96f3a737371441f56262ca54badaac76_JaffaCakes118

Files

96f3a737371441f56262ca54badaac76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

380b18fc2924a210b1e8ef338461a693

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeWritePtr
GetProcessTimes
CloseHandle
VirtualAlloc
GlobalDeleteAtom
GetConsoleOutputCP
WritePrivateProfileSectionA
GetSystemDirectoryA
lstrcmpA
MoveFileWithProgressA
CreateSemaphoreA
OpenMutexA
GetConsoleCursorMode
CancelWaitableTimer
GetVersionExA
GetLocaleInfoA
FindNextVolumeA
SizeofResource
UpdateResourceA
GetConsoleFontInfo
ExpandEnvironmentStringsA
GetEnvironmentStringsA
GetCurrencyFormatA
SetFilePointer
AllocConsole
OpenWaitableTimerA
CreateFileMappingA
CancelTimerQueueTimer
CommConfigDialogA
FindNextVolumeMountPointA
GlobalFindAtomA

tapi32

lineAddProvider

Exports

Exports

Uwisnmnjv
Epfcsbfebmu
InitQueimths
CloseTorncfaha
CreateXvytswi
Mhtsush

Sections

.itext
Size: - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 56KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ