b6334e775dffbc485d03d872e3147f9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6334e775dffbc485d03d872e3147f9c_JaffaCakes118
Size

164KB
MD5

b6334e775dffbc485d03d872e3147f9c
SHA1

c60d62db48b6b9dfbcfeaa1970263410950dba7f
SHA256

98d76c191085b7f0de8087c3fba85a6c084cd18fd66f907919a6f96e0fdb4681
SHA512

17cf34e814fe736823b1b5229983e64e74ba05b733b3feaad2e9f89de213c15c33ed05495b0acf22e9f061df9a738cc940b3cfe37938c6c83e1d15080a6d6efc
SSDEEP

1536:TkYGsD7TdhctHZTDrlg5Abpfev08UNzUVTyKTlRlFUiFgoqphTsvS1JcFioJ:F/hR8phTs0cEo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6334e775dffbc485d03d872e3147f9c_JaffaCakes118

Files

b6334e775dffbc485d03d872e3147f9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e64002d038c19b45be272af1cdd3eaf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
UpdateResourceA
GetProcAddress
LoadLibraryA
HeapAlloc
HeapFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLastError
SetFilePointer
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
CloseHandle

Sections

.test
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE