b05c273e357fad57b5c6ec17381144fb_JaffaCakes118 | Triage

Sharing

General

Target

b05c273e357fad57b5c6ec17381144fb_JaffaCakes118
Size

146KB
MD5

b05c273e357fad57b5c6ec17381144fb
SHA1

9e13bc41c14ae855eddbd4709ec7904108bfe047
SHA256

d6003903550cee5c7f7c790dfe35a957ac5346534c0e6c706f15736ed5ceac48
SHA512

3fe82be437b55416908cf68634740df6a2a5e769f537a4e621b0c8d86f69b03c9de4284c28ce2953f9c78796d8c9dac34877b55677021275f1ad670eba5972e5
SSDEEP

3072:hAm+Juru7qm3cNmv3rOfVw6dNpNZCCl57r4sNIeQv:hAR4SBckfrO9w6d6a57rGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05c273e357fad57b5c6ec17381144fb_JaffaCakes118

Files

b05c273e357fad57b5c6ec17381144fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7ca3d7e0d56cb415cdf321cabcb12c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW

kernel32

GetSystemTimeAsFileTime
SizeofResource
LoadResource
LeaveCriticalSection
SetLastError
lstrlenA
LocalAlloc
InterlockedCompareExchange
TerminateProcess
LockResource
GetCurrentProcessId
SetFilePointer
GetEnvironmentVariableA
GetModuleHandleA
CreateProcessA
MultiByteToWideChar
QueryPerformanceCounter
EnumResourceNamesW
InterlockedExchange
GetCurrentThreadId
GetModuleFileNameA
lstrlenW
Sleep
GetVersionExA
WideCharToMultiByte
ExitProcess
EnterCriticalSection
lstrcmpiA
RaiseException
FindResourceExA
GetLastError
GetTickCount
FindResourceA
GetStartupInfoA
GetCurrentProcess

user32

LoadImageA
CharNextA
DestroyWindow
GetSystemMetrics
MessageBoxW
UnregisterClassA
LoadIconA
LoadStringW
CharNextW

clusapi

CloseCluster

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ