b774682f95a4605221506d1ffabc69f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b774682f95a4605221506d1ffabc69f6_JaffaCakes118
Size

186KB
MD5

b774682f95a4605221506d1ffabc69f6
SHA1

a3f98647eb0f65d73ef5140ba05bfb2516fc4a1b
SHA256

5f03c3e044fb7722eab9df1121b85600e18d1f82365c159d8437e569ea100f5f
SHA512

bbe4cb85159a43201bf1626a2fe655fdfc90aca5c4dbcce68d1995b4adb89eb2c8212b8e64a4b5e0512a5c3b9feb261bc83898d592f6e8b2a9f4da1d6a8f7676
SSDEEP

3072:2VHiFSTgS6L4BQAbFyEbKVJ4OTIN5aBm8y06q9H0knXb5UcwW0g:giFWi4dbI/TIwmdhNW0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b774682f95a4605221506d1ffabc69f6_JaffaCakes118

Files

b774682f95a4605221506d1ffabc69f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ecab48fda3e42db4897369d1c86fa708

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetDriveTypeA
GetThreadLocale
DeleteFileW
GetCurrentProcessId
GetStartupInfoA
SetLastError
GetUserDefaultLangID
lstrcmpA
GetACP
GetCurrentThreadId
GetCurrentProcess
GetCommandLineA
GetConsoleOutputCP
lstrcmpiW
GetVersion
DeleteFileA
LoadLibraryW
GetCommandLineW
QueryPerformanceCounter
MulDiv
IsDebuggerPresent
lstrlenA
CopyFileA
Sleep
GetLastError
GetWindowsDirectoryA
GetCurrentThread
lstrlenW
SetCurrentDirectoryA
GetModuleHandleW
GlobalFindAtomA
GetOEMCP
GetTickCount
RemoveDirectoryA
GetModuleHandleA
VirtualAlloc

user32

CharNextA
GetSystemMetrics
GetDC
GetDesktopWindow

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ