a5a69ef935044e9818166791218db099_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5a69ef935044e9818166791218db099_JaffaCakes118
Size

49KB
MD5

a5a69ef935044e9818166791218db099
SHA1

0657328b8a0a08bc6a357910cb905963547a12a6
SHA256

3ebed60d62f9814c611ae5dfae36bc764db57cdcee907ef2a0122fa7d7ce6a3c
SHA512

de291d3398fe93943e32597fe725222fa16328a0daa42ba6a818984e31d0b1497d82f1e13406b6a37c8b8d96cb65fdbedcbb3072a95776a86029aeeaa7e3dae6
SSDEEP

768:Hwnc9AWZ9NPIHe/FdI91mFDAWSHVBh5iB9chulHouYr96od22yI:QcetaFda1qDQlulID6oM2yI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5a69ef935044e9818166791218db099_JaffaCakes118

Files

a5a69ef935044e9818166791218db099_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55d4ea1000d61b96c60516b852997066

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetConsoleTitleA
GetModuleFileNameA
GetTickCount
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapFree
GetLastError
CloseHandle
GetFileAttributesA
SetFilePointer
GetProcAddress
GetModuleHandleA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
SetConsoleTitleA
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
ReadFile
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
LCMapStringA
LCMapStringW

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE