a968617281ae4805d468ea14b2ce5191_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a968617281ae4805d468ea14b2ce5191_JaffaCakes118
Size

116KB
MD5

a968617281ae4805d468ea14b2ce5191
SHA1

8ba737b3e03da6d57d1470f6a671598586c9390e
SHA256

b821155617b05fead9ce00b77029b28d324d798b6193a2c34e63b9e88d15826f
SHA512

5f0601b8652f4c4bf065a96eaf652cbbaaa87e5e97ed52755d00d1693485b330ecbcc15bf92d005dc07079f717583dc91548ed807bbb135ab021be9101fd3016
SSDEEP

3072:zEZZiZStPbYfSyDct59bzVHaw6n1slK4k:zE7iZStPUctbzhaF1sl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a968617281ae4805d468ea14b2ce5191_JaffaCakes118

Files

a968617281ae4805d468ea14b2ce5191_JaffaCakes118
.exe windows:4 windows x86 arch:x86

832a199e1aee0727d37d46ca8d36c6a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileSectionA
OpenEventA
VirtualFreeEx
GetCommandLineA
VirtualAlloc
CreateWaitableTimerA
HeapCreate
GetPrivateProfileSectionNamesW
GetSystemWindowsDirectoryA
ExitProcess
RaiseException
BuildCommDCBAndTimeoutsA
GetCurrentProcess
UpdateResourceA
GetVolumePathNameA
GetFileType
GetVersion
TerminateThread
WriteConsoleOutputCharacterW
GlobalAddAtomA
CopyFileExA
DeleteTimerQueue
OpenProcess
ExitProcess

user32

PtInRect
TranslateAccelerator
ToUnicode
IsWindowVisible
GetDCEx
CloseClipboard
PostThreadMessageA
DrawAnimatedRects
DlgDirListComboBoxA
LockWindowUpdate
EndMenu
InvalidateRgn

gdi32

GetRasterizerCaps

Sections

.text
Size: 104KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbbs
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ