a75e7c6c9b480d6874fb6d0a771546dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a75e7c6c9b480d6874fb6d0a771546dc_JaffaCakes118
Size

726KB
MD5

a75e7c6c9b480d6874fb6d0a771546dc
SHA1

7e0c25971f06705ad5b96000626bd90fe2e7c113
SHA256

3aaacfa4c1bb6f78bedf7075dd7b38ceaf38fa46f736596cf784b101ed23472a
SHA512

c5cc7f15eb7fb97090f1edcf2b583286d8b3be09f801ceaa3822cebfe8fb4030247710751498d5e6c50320e98dbba2d23b94446674f047c5e1db549dc57d7b2d
SSDEEP

12288:Yq9J+hAeqe3zcPdMa3JLi779XzZt58eKpieycV74SxV9Xwd:1RSz0Li7Lv8eKDV7RV9Xm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a75e7c6c9b480d6874fb6d0a771546dc_JaffaCakes118

Files

a75e7c6c9b480d6874fb6d0a771546dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90b018c3afc33bce75262b7a31e5574f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
FindClose
FindFirstFileW
GetLocaleInfoA
GetVolumeInformationW
GetFullPathNameW
CreateFileW
SetErrorMode
GetVersionExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
HeapValidate
IsBadReadPtr
RaiseException
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetStdHandle

msvcrt

_initterm
_iob
pow
fprintf
exp
?terminate@@YAXXZ
free
_initterm
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

msvfw32

ICInfo
ICOpen
ICSendMessage
ICClose
ICGetInfo

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ