a9a39c27b8def276ed7fff0ba208aa07_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9a39c27b8def276ed7fff0ba208aa07_JaffaCakes118
Size

114KB
MD5

a9a39c27b8def276ed7fff0ba208aa07
SHA1

9e65e2fec4f5ce77e96befbcbfeda92293b61840
SHA256

02a3cb101b0ba97254d03420bc88a5bcee788448608f34cda205dffd5de45b34
SHA512

c9500949e0add2237c3c96b44fb19f807e0cfac4b08dcf8d392e95ae6747005ef280f880c21135a9774ba753703b2e69ac27d9f1ece08b5ffc764a1f1b2825cc
SSDEEP

1536:BSvQ7suen0gSN2S5D0sYOTtLKBMo+vif5p+nYEuVrwPLZ8IghPk:BSvQ7su012DBJWMo+KWYRVrwi/Nk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9a39c27b8def276ed7fff0ba208aa07_JaffaCakes118

Files

a9a39c27b8def276ed7fff0ba208aa07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7766cad48c3659c651a79b22faddc1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetStringTypeA
LoadLibraryA
GetVersionExA
LCMapStringA
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
GetStringTypeW

user32

GetCursorPos

gdi32

Rectangle
BitBlt

oleaut32

SetErrorInfo
CreateErrorInfo

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ