b8363fcfa14bb112519a223fc567ba79_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8363fcfa14bb112519a223fc567ba79_JaffaCakes118
Size

689KB
MD5

b8363fcfa14bb112519a223fc567ba79
SHA1

f16ee6e8906787bd27622c571f2652659233abbd
SHA256

f50a5c82325f0448ee7e95cfa494a80a7109d7a4c42747b8c31f76afc7130689
SHA512

9cc2fa8126222ed30b27fbe2688d899ef6b6fa0807a5f6d8ab9b3fed4c49b16d6ff5f01d124a47cd967ae8a974ee53f3283988ca393ccb313da6442583b5db08
SSDEEP

12288:qxON+wSkOImKdNAKZlhL5wPnFc5nUs9GaCCzYVTU9h/2G:pNgSNDlZS9czdfz8ch/2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8363fcfa14bb112519a223fc567ba79_JaffaCakes118

Files

b8363fcfa14bb112519a223fc567ba79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 340KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 284KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 48KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE