af1a5101c913eebd0ca19a8d9f84a75d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af1a5101c913eebd0ca19a8d9f84a75d_JaffaCakes118
Size

212KB
MD5

af1a5101c913eebd0ca19a8d9f84a75d
SHA1

e73292423a65b9b31303d6edb44776e2850fb9e0
SHA256

ee55513e59d4234cb948fed6feb36b856b5a27f013c584734d7a82d919f25d2d
SHA512

29e18bcdc4da6564ae5de17873c68f8997c6e46d284950e71064e25e376fff162aec994415b0d4b54f2155b6eb644f81dbb294483c1fdd2977c43a1989ac45db
SSDEEP

6144:Grpg+Vk0PUs5XX+QOpFcDdYiso5iSM3Omlc67Ny:Grhku43pWgoYSNtqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af1a5101c913eebd0ca19a8d9f84a75d_JaffaCakes118

Files

af1a5101c913eebd0ca19a8d9f84a75d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

245498dac8ac06af4c2acb6a2abafa25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrencyFormatA
FormatMessageA
HeapQueryTagW
ReplaceFileA
ReadConsoleInputExA
SetUserGeoID
BaseProcessInitPostImport
lstrcmpiW
IsDBCSLeadByteEx
CreateSocketHandle
VirtualFreeEx
WriteProfileSectionA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 57KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 72KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 54KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE