d316f51ed8159468bca91c67dac95926_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d316f51ed8159468bca91c67dac95926_JaffaCakes118
Size

36KB
MD5

d316f51ed8159468bca91c67dac95926
SHA1

35ec52e13919d25f438d80861cc9b7db4176da63
SHA256

37dccbf08a90afd9431da8aaf706285d8767110a32f879addcafe39c0f48c3cf
SHA512

86a342b47fe328637a657f0e99eb6dce1059b7c66cbe4104b832527106ce8b36b8c83722452e91a7ce0a0a04b45cecaf5f5cf6082db8c38b61f404c0ab111fec
SSDEEP

384:L3BXv6zpKYgaMC5wCdCUnXsxNshfSmXjSIyrtzo0/wob:L3Bf6zYYg5aFsxOeI2tzp/wob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d316f51ed8159468bca91c67dac95926_JaffaCakes118

Files

d316f51ed8159468bca91c67dac95926_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79524b0692fb5951f0dfb30f2a263cba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
GetModuleHandleA
LoadLibraryA
CloseHandle
WaitForSingleObject
GlobalFree
CreateProcessA
lstrcpyA
GlobalAlloc
Sleep
GetVersionExA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

PostMessageA
wsprintfA
MessageBoxA
FindWindowA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE