wmpconfig.pdb
Static task
static1
Behavioral task
behavioral1
Sample
b7f06625c9f263b08798f2cfb6eaa761_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
b7f06625c9f263b08798f2cfb6eaa761_JaffaCakes118
-
Size
126KB
-
MD5
b7f06625c9f263b08798f2cfb6eaa761
-
SHA1
cae500732502e92bd8a6142304adc597ca712b69
-
SHA256
fc2175be59ca158395f6230c22fa1d91b2f8785ca62bc19e3095f86c86cdfa34
-
SHA512
cedfa46473e31a8113e8b5aa1544a6822dbc2d4bb86baa4b971fa55d677c3808e567c82b91a612001c0522fab3bf41cfc4196d4f85c990bc9a6c68cdbd26d8cf
-
SSDEEP
3072:KnVohYkQr0jeLwJr95rJo3ekOBCk+3kHG/:ZYQqLwhHrW3DUm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature; the PE file listed below is unsigned.
resource b7f06625c9f263b08798f2cfb6eaa761_JaffaCakes118
Files
-
b7f06625c9f263b08798f2cfb6eaa761_JaffaCakes118.exe windows:6 windows x86 arch:x86
755a414ec2e464fc157ccbf84f6a977b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
msvcrt
_except_handler4_common
__set_app_type
_controlfp
?terminate@@YAXXZ
__wgetmainargs
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
ole32
CoUninitialize
CoInitializeEx
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 896B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qnynshe Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE