b7dfb6c3d1af66cc996cd104eb0ca0ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7dfb6c3d1af66cc996cd104eb0ca0ae_JaffaCakes118
Size

583KB
MD5

b7dfb6c3d1af66cc996cd104eb0ca0ae
SHA1

bc54f4aa446531c9fa9951132680f2f0f7079bb8
SHA256

d7dbd9a1f49f27d6c82c4c084bf8cafa98ffb4d1492a3c87e8755468715daff4
SHA512

b062d6a3378c7663d1a9d0f6f4aafdaf3f930004758b5a4d8becd6ff54414a09ce5711d3a0b7d242afb17ef87d9d0ffb600ef9a6010b9858a26c6e97c91f8a6f
SSDEEP

3072:4IEdbWXerWNVEcnMSwNkn+U7KQeavhNVRYz+vk2TInb:52rUEsMSw++UeOvhN7YzukKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7dfb6c3d1af66cc996cd104eb0ca0ae_JaffaCakes118

Files

b7dfb6c3d1af66cc996cd104eb0ca0ae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d92b5c14ba11f8ba7e5732e2e404e5f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetVersion
GetCurrentThread
MulDiv
RemoveDirectoryA
GetCommandLineA
GetProcessHeap
GetWindowsDirectoryA
GetCurrentProcess
GetOEMCP
GetModuleHandleW
IsDebuggerPresent
Sleep
GetLastError
lstrcmpiA
GetThreadLocale
GetModuleHandleA
SetCurrentDirectoryA
DeleteFileA
GetCurrentThreadId
GetConsoleOutputCP
GetStartupInfoA
lstrlenA
lstrcmpiW
GlobalFindAtomW
SetLastError
GetCurrentProcessId
GetACP
LoadLibraryW
DeleteFileW
GetDriveTypeA
lstrcmpA
GlobalFindAtomA
QueryPerformanceCounter
GetUserDefaultLangID
GetCommandLineW
lstrlenW
CopyFileA
VirtualAlloc

user32

GetDC
GetSystemMetrics
GetDesktopWindow
CharNextA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 408KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE