ad0c5322f92e525b2fc0669c48177fdb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad0c5322f92e525b2fc0669c48177fdb_JaffaCakes118
Size

132KB
MD5

ad0c5322f92e525b2fc0669c48177fdb
SHA1

26ce8c086833e8a8725829f3cc56f195ec7e3047
SHA256

0c2ed213b32f4977ae531857b91f19cf76ac810495416671e4bba06cdde1bfa1
SHA512

517e75c8ef81386115236bdbed56fd2f754b4f0239552dd6b3af12cca48b316fbb955ce630a3d1148edb380bdfe887b18d11a37924f137be080bdbab15bd6fc1
SSDEEP

3072:Xx0jLosV5oi0RD68wb7tptd+bn6CuWkaSmu9L:B0fh2D68wPtx+bn6x3mA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad0c5322f92e525b2fc0669c48177fdb_JaffaCakes118

Files

ad0c5322f92e525b2fc0669c48177fdb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bcd303b31711c0a5426ff6066300ab6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetModuleHandleW
GetModuleFileNameW
HeapAlloc
RtlUnwind
HeapReAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetLastError
CloseHandle
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetEndOfFile
ReadFile

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ