a2550c6c325c1b1730613cb631999ac0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2550c6c325c1b1730613cb631999ac0_JaffaCakes118
Size

105KB
MD5

a2550c6c325c1b1730613cb631999ac0
SHA1

ea2d26b1e1b358eb4aef4bf90381a56ac200c281
SHA256

d6d95ad9afc75bf3fe7d8bb60e0730f85de127916230890cde0dcd596c10b651
SHA512

9fe7c4ee80a2cebe6f06834cdbd43b6bffc65bb0ed62add6f5687a52a8270ae8325667517577d38f35646919816736e582838cc8f0bb5465a49709235711ae8f
SSDEEP

1536:ofco12RQIB7BMLL4a6/XnVnbHGBDnAg4qYZPIV3epDGY7Yznt:wco12XB7Y6NnboDP4UV3s3Y5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2550c6c325c1b1730613cb631999ac0_JaffaCakes118

Files

a2550c6c325c1b1730613cb631999ac0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

111d69465023965519e59851d9dd8481

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
OutputDebugStringW
HeapAlloc
GetSystemInfo
GetVersionExW
HeapCreate
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GetStartupInfoW
ExitProcess
HeapFree
lstrcmpiW
OpenThread
Sleep
WaitForMultipleObjects
CreateEventW
CreateThread
WaitForSingleObject
CloseHandle
InterlockedDecrement
lstrlenW
SetEvent

user32

GetMessageW
CharNextW
DispatchMessageW
PostThreadMessageW

ole32

CreateClassMoniker
GetRunningObjectTable
CoUninitialize
CoInitialize

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString

atl

ord21
ord20
ord18
ord57
ord17
ord32
ord16
ord58
ord30
ord23

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE