b714ff51a900a29eedf78337143ca54e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b714ff51a900a29eedf78337143ca54e_JaffaCakes118
Size

162KB
MD5

b714ff51a900a29eedf78337143ca54e
SHA1

8514b2defc0e9cf854b65654ed4e835a2476e5db
SHA256

fad5e2fcec5b0b5fb0c8f4e147205762f637d30047c7f557aa91672650d0db09
SHA512

1bf23417516fb523efab3efb71cf08e960ac585f3c930348cb510f76b7eb38fa8c3d609c1575c6125b0f7dd4c068e3a087d9aed3507126c3d6074b941c7e41ce
SSDEEP

3072:vov8QELgdsn95MhB7foM0yKhXpPszkaf4shhMLh7aiSZDO13h3/b:vovV4Es7YoF0sshWB2O1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b714ff51a900a29eedf78337143ca54e_JaffaCakes118

Files

b714ff51a900a29eedf78337143ca54e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

530b84f8a1489d1d4b4efa6e5e1868a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
GetWindowsDirectoryA
WriteFile
HeapDestroy
HeapCreate
SetErrorMode
lstrcatA
RaiseException
GetModuleHandleA
CloseHandle
DeleteFileA
lstrcpyA
lstrlenA
CreateFileA
ReadFile
ExitProcess

user32

wsprintfA
GetKeyboardType

comctl32

ImageList_Copy
ord17
ImageList_Destroy

msvcrt

_except_handler3

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ