a52301d8b1435385c9270f575f7d8da3_JaffaCakes118 | Triage

Sharing

General

Target

a52301d8b1435385c9270f575f7d8da3_JaffaCakes118
Size

7KB
MD5

a52301d8b1435385c9270f575f7d8da3
SHA1

00472e13dfc727ced2a0e427da93e3bf7b1b2405
SHA256

d5930e0ec0407e02ce049f30a9541975558561b2b943fd20e40a672717c56cd9
SHA512

2db15eacdb73bb1e07ac114a1f33be82c83ed4d51eb1f81a65ada3741ce7b08584c74d14f16147ddf12e2fc2b795b0f29e6e36c85f11cd5b8660658749ca4619
SSDEEP

96:uyu8lgYU7WnD/gwSrillPeMLI0b1ATh/+W8aLwl+UaCDjsr:usOynD/Kr4QMtqTN+ta07aCDjsr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a52301d8b1435385c9270f575f7d8da3_JaffaCakes118

Files

a52301d8b1435385c9270f575f7d8da3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7aa565ea47da878a448f1cc8fd5f233b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

i:\kernel\kpx\kpxim_install\objfre_w2K_x86\i386\int.pdb

Imports

msvcrt

__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__winitenv
__set_app_type
_except_handler3
_controlfp
exit
_cexit
_XcptFilter
_exit
_c_exit
_wsplitpath
wcscpy
wcscat
_wcsicmp
fopen
fputs
sprintf
wcslen
__p__fmode
fclose

kernel32

GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
WideCharToMultiByte
GetProcAddress
GetCurrentProcess
TerminateProcess
GetLastError
GetModuleFileNameW

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize

setupapi

SetupCopyOEMInfW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE