b157c9c0478313992ddbb00e62c6d7e0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b157c9c0478313992ddbb00e62c6d7e0_JaffaCakes118
Size

699KB
MD5

b157c9c0478313992ddbb00e62c6d7e0
SHA1

7ba282cccc70f9ff271a35c65f5c8d01c4fcea3e
SHA256

005218b11638e30c1e253eca7a18536fa9f48489ce5278a4a590c69781ab5651
SHA512

f483486dc7e4ffb3204db569b8997b96d8ef29fcc9188acc087341c6e38d0a038959f68ebc0cc7b3d5d5305c0258101da7be801bf4546a51f6c4ab017f24eed9
SSDEEP

12288:rk1dTUgyk76JWbyDy7dHI6UfJd85S86nblkJvU2E6umrceOAXe2Rv8xXh0Wlw39W:rot96kbqqHI6UR25S5nAUX6ums4Gwn3k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b157c9c0478313992ddbb00e62c6d7e0_JaffaCakes118

Files

b157c9c0478313992ddbb00e62c6d7e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2a79cbe9f7c82b993329cb38057eea7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
FlushFileBuffers
GetTempPathW
UnmapViewOfFile
SetFileTime
GetSystemTimeAsFileTime
OpenProcess
MoveFileExW
CreateFileMappingW
EnterCriticalSection
WriteFile
ReleaseMutex
lstrlenA
CreateMutexW
GlobalLock
DisconnectNamedPipe
CreateEventW
ExpandEnvironmentStringsW
SetFileAttributesW
GetCurrentThread
SetEvent
lstrcatW
CopyFileW
GetUserDefaultUILanguage
CloseHandle
GetTimeZoneInformation
lstrcpynW
GetCommandLineA
SetThreadPriority
CreateThread

user32

GetIconInfo
MsgWaitForMultipleObjects

Sections

.vod
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.klcvcb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.haxcz
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ