b98e89110489b97ebed4ba963f883fed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b98e89110489b97ebed4ba963f883fed_JaffaCakes118
Size

5.5MB
MD5

b98e89110489b97ebed4ba963f883fed
SHA1

cb1d2deb8a29fd39617c9abcce96cb07ccfce507
SHA256

b20a66f64f80c9d3777006af8a82bb72f2f413d1886d80cc3fee354dd663ea6d
SHA512

7f59735477bd1e387d16a1155d46ed899bee207c90a9fc78ac95e93d09dc83395d5ff0f70aae82dcf7d5c5209747fe6bd230ea81cc613e36ac5587e76235a3b1
SSDEEP

49152:D6swjFUx8zgsU9FWzv5/7qu2RJ6JciBzR+gMAXC2dSUjQTajXW5ubM81GnupKQsJ:yFCMv5mupci6glNSzt5g71GnupKrkMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b98e89110489b97ebed4ba963f883fed_JaffaCakes118

Files

b98e89110489b97ebed4ba963f883fed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21e80311173020b893bc727a1fccc8b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetFileAttributesA
GetSystemTimeAsFileTime
TlsAlloc
SetStdHandle
CreateMutexA
InitializeCriticalSectionAndSpinCount
GetTickCount
TerminateProcess
QueryPerformanceCounter
GetLastError
VirtualAlloc
GetModuleHandleA
SetUnhandledExceptionFilter
GetProcAddress
GetCurrentProcess
GetCurrentThreadId
GetStartupInfoA

advapi32

RegQueryValueA
WmiExecuteMethodW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExA
RegQueryValueExA
RegDeleteKeyW
RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyExA
RegSetValueExW

Sections

.textbss
Size: - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ