a281bb8cec346c210a4765faf6db4e40_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a281bb8cec346c210a4765faf6db4e40_JaffaCakes118
Size

241KB
MD5

a281bb8cec346c210a4765faf6db4e40
SHA1

2a6df11a14e2feb1bddfa5d5293ee65133f55061
SHA256

28433a0319246a68387e6f81e72d1f615231e594a2df178834b52fa9f1e9f80a
SHA512

d379b815619e5df225b3026ed4d2fb7e40759fad6b95040440ee576184c1585d50bac913e72effac7587cfff3c25dc183d08c8cdef9812da479935c001087341
SSDEEP

3072:S/HYOq+1ymsZ9gWO7xxkXi0ecMd5rVDTHQkfr+7JbSqclZ27IOIy3GKt4/bI:Sfdq+1yxZgxE6cMd5pX+71eEvjt4/bI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a281bb8cec346c210a4765faf6db4e40_JaffaCakes118

Files

a281bb8cec346c210a4765faf6db4e40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5aee606ede77bb26b66cd4297664994

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
SetLastError
FreeLibrary
GetCompressedFileSizeW
TerminateThread
GetACP
GetLocaleInfoW
GetThreadLocale
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetDriveTypeW
CreateEventW
QueryDosDeviceW
OutputDebugStringW
SearchPathW
GetWindowsDirectoryW
SetUnhandledExceptionFilter
CreateFileA
ReleaseMutex
GetCurrentThreadId
CreateThread
FlushInstructionCache
WaitForSingleObject
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemInfo
VirtualAlloc
VirtualFree

avifil32

AVIBuildFilter

oleaut32

GetRecordInfoFromTypeInfo
CreateErrorInfo
OleCreateFontIndirect
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

Sections

.text
Size: 142KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE