b649af55a057e5095e477cc3f32306c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b649af55a057e5095e477cc3f32306c8_JaffaCakes118
Size

524KB
MD5

b649af55a057e5095e477cc3f32306c8
SHA1

ac3788255591ba1ac832dff9045ba1b781c7b518
SHA256

481171e84dc3fb3c291334a5cbfb55cf121dc27266e159ef666624b954e2bedf
SHA512

f5a3b0795717351b53f6dfb93c6be01e697ebe0ad36b683dfb16d4aeb71e132169fb47e34da77d2ae98a69640e13c0a8c8185f3414229da512f50d8b54e7cda7
SSDEEP

12288:ozJjYD8DSrk96ACr+nnXhwqsWzsIWWbqribe4li+o2IY960Owe2u:ozRYD8DB9E+XhJlqX+o2I860Ocu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b649af55a057e5095e477cc3f32306c8_JaffaCakes118

Files

b649af55a057e5095e477cc3f32306c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abe04f8cf717f7ed460baff82ee0e22e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow

kernel32

HeapDestroy
LeaveCriticalSection
VirtualAlloc
ExitProcess
SetEndOfFile
GetFileType
Sleep
InterlockedDecrement
WriteConsoleA
VirtualFree
LoadResource
GetEnvironmentVariableA
WideCharToMultiByte
LocalFree
GetStringTypeW
CloseHandle
WriteFile
SetUnhandledExceptionFilter
FindFirstFileA
SetFilePointer
TlsFree
CreateThread
CompareStringA
GetModuleHandleA
SetStdHandle
GetStringTypeA
GetCommandLineA
FreeEnvironmentStringsW
HeapSize
GetCPInfo
LocalAlloc
GetLocaleInfoA
GetEnvironmentStrings
DeleteCriticalSection
FreeEnvironmentStringsA
GetModuleFileNameA
GlobalUnlock
GetVersionExA
GetTickCount
IsDebuggerPresent
QueryPerformanceCounter
GetOEMCP
GetConsoleCP
HeapCreate
LCMapStringW
EnterCriticalSection
GetStdHandle
HeapFree

Sections

.text
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE