b3119c043da5b2969220c03c03451c81_JaffaCakes118 | Triage

Sharing

General

Target

b3119c043da5b2969220c03c03451c81_JaffaCakes118
Size

191KB
MD5

b3119c043da5b2969220c03c03451c81
SHA1

f7375839175c0f45b43c0da77a87dcdaa0c985e1
SHA256

57ceb35c1f54752d4b3b26fcc9945e2e663072c2343350167c450de551767fc0
SHA512

adf3d458dc87b2dce23a0c1bc4dbd70844ecd2c2a6d709e70e50bb8c92ae9aba9183adff564c093df135094dc23c4a7a4da71ff4988e7b3932a0ba08c0079d17
SSDEEP

3072:hVKF9yhhlCmz62nAwOd4aBeGMwThs9SIBk/prIwzlrGA:r24zfXY4dGPTGgIb0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3119c043da5b2969220c03c03451c81_JaffaCakes118

Files

b3119c043da5b2969220c03c03451c81_JaffaCakes118
.exe windows:1 windows x86 arch:x86

72182fa57003e6b09835ac84bba7ae37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GlobalUnlock
GetCurrentProcess
GetDateFormatA
CreateThread
LCMapStringW
GetStartupInfoA
GetComputerNameW
GetSystemDirectoryW
SetFilePointer
lstrcpynA
GetConsoleCP
GetCurrentDirectoryW
SizeofResource
GetVersionExA
GetCommandLineA
TlsAlloc
HeapCreate
SearchPathA
GetModuleHandleA
OpenEventA

msvcrt

__setusermatherr
vfwprintf
_wputenv
exit
_flsbuf
_XcptFilter
__p__fmode
_ctype
_exit
is_wctype
_wtol
_time64
strftime
__getmainargs
_safe_fdivr
_except_handler3
_fgetchar
_snwscanf
_sys_nerr
_spawnl
_acmdln
_read
memcpy
puts
_controlfp
_initterm
_atoi64
_wfullpath
_wexecvp
_wexeclpe
__set_app_type
_adjust_fdiv
_memicmp
printf
_cputws
fprintf
__p__commode
perror

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ