a77ae6fd4e834ce2183c9062e54d81cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a77ae6fd4e834ce2183c9062e54d81cf_JaffaCakes118
Size

96KB
MD5

a77ae6fd4e834ce2183c9062e54d81cf
SHA1

d9951e50537efb441dcb80f9b8c869d84768988b
SHA256

24c1e8da136f70aac475d272d883a5c47775781daa9f6e933a1ffd17ab2ad58a
SHA512

efbf3840dd7204150e3e5104ac520cd0a0a21f49aaab537d27fe148cbb55705191e58dca810a0e74b5d578417114e5cc4acef0ef21d5e3668a3a1b13012d8cd3
SSDEEP

1536:R99KsnIOSUtLRnc9uDOVGLNu+NOjyEXJiNX1934jBn+hcvd1PytW:R7IDGLNu+NOriiB+qr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a77ae6fd4e834ce2183c9062e54d81cf_JaffaCakes118

Files

a77ae6fd4e834ce2183c9062e54d81cf_JaffaCakes118
.exe .js windows:4 windows x86 arch:x86 polyglot

1d8c2740c7f5d9e432543d52d36b9040

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetProcAddress
LoadLibraryA
GlobalFree
DeleteFileA
MoveFileExA
GetSystemDirectoryA
Sleep
CopyFileA
SetFileAttributesA
GetVersionExA
GetCurrentThreadId
CloseHandle
CreateFileA
GetLastError
SetFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GetTickCount
MultiByteToWideChar
lstrlenA
FreeLibrary
TerminateProcess
OpenProcess
lstrcmpiA
CreateMutexA
WinExec
GetModuleFileNameA
GetEnvironmentVariableA

msvcrt

memset
_wcsnicmp
??3@YAXPAX@Z
swprintf
memcmp
wcscpy
memcpy
??2@YAPAXI@Z
wcslen
sprintf
strcat
_stricmp
fclose
fseek
fwrite
fopen
srand
strcpy
strlen

Sections

.bss
Size: - Virtual size: 68B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ