b37df7cdcecfbab3186dc65df8d7e503_JaffaCakes118 | Triage

Sharing

General

Target

b37df7cdcecfbab3186dc65df8d7e503_JaffaCakes118
Size

313KB
MD5

b37df7cdcecfbab3186dc65df8d7e503
SHA1

8fdf0abc806cb0b125718eae56d69c94ade112ac
SHA256

e1e52d5211e0446e2c472f5b29e2ec9177e077fd0776182b8130f1dc1e909bd9
SHA512

069e4243465471d3b86ffffe8db69c5974e3b34b9a8640183c78365ee6c5d6507b8ff380cb09ac8a949096f2409fd928cf1e2d7f37380049ee3b6a74fd8e6562
SSDEEP

6144:8ItMBWnBNT4dvCg3wd+lIPW7IIEAEphWEccresP0AVk6EF2oWF:8oB54vwYlVovt/8AVkhFpW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b37df7cdcecfbab3186dc65df8d7e503_JaffaCakes118

Files

b37df7cdcecfbab3186dc65df8d7e503_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4341d7711e7b801c6d749bac8d5f279

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetLastError
FileTimeToLocalFileTime
CloseHandle
VirtualFree
GetProcAddress
CreateFileA
GetSystemDirectoryA
GetProcessHeap
GetModuleHandleA
GetFileSize
VirtualAlloc

user32

MoveWindow

netapi32

NetDfsRemoveFtRootForced

avifil32

AVISaveOptions
AVISaveOptionsFree

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xvda
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relc
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE