b2034ca66f53961cbda9770994cfc330_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2034ca66f53961cbda9770994cfc330_JaffaCakes118
Size

539KB
MD5

b2034ca66f53961cbda9770994cfc330
SHA1

4c52c2212c5f76297b4e5c6146569592ca4bff05
SHA256

75c901b0a6d749094818f0fedb8a7b1c2282f0e7a60d83b029736db4a0d7fea4
SHA512

de499a884ce1ef9d0eff5fd30d55f7b1bb0730df1e4c005baddf7d33f5dfff74cdd70e96b6d7ba291701a2c794393c71fa62204d23774afea08ca7f6efafb080
SSDEEP

12288:76QdMLimfrhmEPm8Z4WIceENDhQdDwbiCLHEX2Eaj:DmnVmEPm8mc/hQhCThEaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2034ca66f53961cbda9770994cfc330_JaffaCakes118

Files

b2034ca66f53961cbda9770994cfc330_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d0bc052ab9a91f1e249039a129c90edc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_wcsicmp
_except_handler3
sprintf
_exit
__p__fmode
printf
__winitenv
wcscpy
_controlfp
strstr
__wgetmainargs
_adjust_fdiv
_c_exit
_XcptFilter
_initterm
_stricmp
_cexit

rasdlg

RasPhonebookDlgW
RasDialDlgW

kernel32

WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetOEMCP
GetTimeZoneInformation
GetLastError
GetCPInfo
ExpandEnvironmentStringsW
GetWindowsDirectoryW
VirtualFree
GetProcAddress
LoadLibraryA

advapi32

RegOpenKeyExW
RegQueryValueExA
RegCloseKey

Sections

.fry54
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.w45yq35
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.685498
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ