a514fa069428c8b238eeba014b327234_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a514fa069428c8b238eeba014b327234_JaffaCakes118
Size

43KB
MD5

a514fa069428c8b238eeba014b327234
SHA1

64f078529ea00c0de104ac1dec059a77ffb32828
SHA256

4f24a7d9c2a44274ce2d97033b467cf080b80d54bf138ffa985e09a737954165
SHA512

3cdd2d2424400b917814427febdad5ed9adceb008b4f6f7d8b51078e914ba8f7e20ecbab726ad453d71e988574e48432c14ed34239787c6ec04d8884a60671df
SSDEEP

768:QaU7mRUHlbc/IXigl9Bt6CgnR1gc3auuTrTnTF7n1YEJGH43bEWPM:QatUHsIXZXavR1g11HTJ1Y+GH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a514fa069428c8b238eeba014b327234_JaffaCakes118

Files

a514fa069428c8b238eeba014b327234_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c39b2960abcb988ead30700f3d591394

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultUILanguage
GetCommandLineA
ExpandEnvironmentStringsW
GetCurrentThread
SetEvent
DisconnectNamedPipe
FlushFileBuffers
GetTimeZoneInformation
WriteFile
OpenProcess
SetLastError
GetModuleFileNameA
CopyFileW
SetThreadPriority
GetModuleHandleA
SetFileTime
GlobalLock
FindFirstFileW
CreateMutexW
EnterCriticalSection
GetTempPathW
HeapAlloc
CreateProcessW
lstrcpynW
GetDriveTypeW
lstrcatW
lstrcmpiA
lstrlenA
CreateThread
MultiByteToWideChar

user32

MsgWaitForMultipleObjects

Sections

.vuf
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydipan
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jsdeh
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ