Static task: static1
Behavioral task: behavioral1
  Sample: b9fb5d9f8aa55131be98041085500914_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: b9fb5d9f8aa55131be98041085500914_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: b9fb5d9f8aa55131be98041085500914_JaffaCakes118
Size: 133KB
MD5: b9fb5d9f8aa55131be98041085500914
SHA1: 093ce3b7a432d60b3dcb8271137162fc777ec9ef
SHA256: 97f97122441108dd663f1ab8ec743659e060d38a533d72de9587c7d1be59845b
SHA512: bd4ad8286accb13d04b9cee84028e87992e7225b432759b3cd50a08c5ef92b6486b2b0ef20b36f3b47507d069a303411618661bbe68a2aa09d91d9a32593e9cb
SSDEEP: 3072:Z6o5IlDlieNqYAF/Uy3Zt8CXrQMAtqOC0lDWx7pqlm131Y:fsdFg8Yz88QMK+0lDW7ql21
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource b9fb5d9f8aa55131be98041085500914_JaffaCakes118
Files
b9fb5d9f8aa55131be98041085500914_JaffaCakes118.exe windows:4 windows x86 arch:x86
e8fa1a7ea345f14bd60bd98621966cd6
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
  RegCloseKey
  RegSetValueExW
  RegOpenKeyExW
  RegQueryValueExW
kernel32
  GetStartupInfoW
  TerminateThread
  SetUnhandledExceptionFilter
  GetCurrentThreadId
  UnhandledExceptionFilter
  CreateIoCompletionPort
  TerminateProcess
  QueryPerformanceCounter
  InterlockedCompareExchange
  GetCurrentProcessId
  EnumResourceNamesW
  ExitProcess
  GetSystemTimeAsFileTime
  IsDebuggerPresent
  InterlockedExchange
  Sleep
  GetTickCount
  GetCurrentProcess
user32
  EnumDisplaySettingsW
clusapi
  CloseCluster
shell32
  ShellExecuteW
comctl32
  InitCommonControlsEx
Sections
.text Size: 98KB - Virtual size: 98KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1012B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 31KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rscr Size: 512B - Virtual size: 220KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ