b223cfa4f332f0033a821ce216c75d9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b223cfa4f332f0033a821ce216c75d9c_JaffaCakes118
Size

1.6MB
MD5

b223cfa4f332f0033a821ce216c75d9c
SHA1

dfdb098ecee20a62453b930bbdbc3bcca44e28f2
SHA256

252ee0d1df7f93efd0adf6fd3ea29d57fd5ab116cf95dc3ebeec324b0039be86
SHA512

166300803c8abd754160827de6b5fccdf8826212c0759c48ef0aaea293b3cd512a22de54e7fe58c67e9ca0fc6a94c63c2c29ba4c6a24e77e07a68c58080f8836
SSDEEP

24576:GB/sTOb8PvwA5qDRpjdCrrPnKIhwf3Zk3KB/sTOb8PvwA5qDRpjde:akTasLyjeKsONkTasLyjc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b223cfa4f332f0033a821ce216c75d9c_JaffaCakes118

Files

b223cfa4f332f0033a821ce216c75d9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ba839abfa340aaab932ad5a1eb3785d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
GetUserDefaultLCID
GetCurrentThreadId
GetUserDefaultLangID
GetTickCount
GetLastError
GetCurrentThread
GetModuleHandleW
GetCurrentProcessId
GetVersion
GetCurrentProcess
GetCommandLineA
GetCommandLineW
GetModuleHandleA
VirtualAlloc
GetStdHandle
WriteConsoleA
GetProcAddress
FlushFileBuffers
SetFileTime
TlsAlloc
WaitForSingleObject
GetVersionExA
SetUnhandledExceptionFilter
ReadFile
GetFileAttributesA
ReleaseMutex
EnterCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsA

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 814KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ