a0f06173399cb3e2c486f47101e457ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0f06173399cb3e2c486f47101e457ba_JaffaCakes118
Size

123KB
MD5

a0f06173399cb3e2c486f47101e457ba
SHA1

0b91112728b1101f572b7a87622667fd9f298b44
SHA256

c0615c3caffe21f5673ba64156a47209c82699f060a46ef2356df8e543f79499
SHA512

ba5fd856d6036fe00e69200f71d4deff3c0eae3623462c781111bfee1c0449791d9b8b66d6c78bde00e5ef6b8c7088964761787d5650e43bf9c5fba4496a0706
SSDEEP

1536:+/xIagxnADYiw4xh+J2SZL24QTBrJFrKduWR0jQJDXTg7tsz0ZGACWKz333xi5e3:MpmoxhUQTBfrrFjQJcszzzH3x89o8tU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0f06173399cb3e2c486f47101e457ba_JaffaCakes118

Files

a0f06173399cb3e2c486f47101e457ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f54f72bcadcce853082fd465f117c97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcatA
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
FindNextFileW
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

0
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 15KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 38KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE