d103896bf6825b38cd027daead91e863_JaffaCakes118 | Triage

Sharing

General

Target

d103896bf6825b38cd027daead91e863_JaffaCakes118
Size

372KB
MD5

d103896bf6825b38cd027daead91e863
SHA1

9c40dad7fcf28ebec9064a335b3b4a15a20e6f44
SHA256

6524b32495882416735df442b8d9cebf4b8f3f2f5f6d4bc2f5d3d2c0f985e41d
SHA512

6e661f53d3b66308fa8e2e7e3d7c3289e8fe17d028b8cf46334999078cd93a729a5dd2da324077ee4462a84ff21b578e49721dc0bb734cebea4d85a5ebaa5a1b
SSDEEP

6144:V29fpVL01b4b7tw1fdJzIJz6eS+5MR98Mgds7HiTddQv2X2Gh:Vmf/o1UXq1fPsJBS+MReM4ZdMah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d103896bf6825b38cd027daead91e863_JaffaCakes118

Files

d103896bf6825b38cd027daead91e863_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b58a690e1df0c44d52075700bb8f29aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
CreateFileA
WriteConsoleW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
RtlUnwind
LoadLibraryA
InterlockedExchange
LCMapStringW
LCMapStringA
WriteFile
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount

msvcrt

_iob
_initterm
pow
fprintf
exp
?terminate@@YAXXZ
free
_initterm
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

msvfw32

ICInfo
ICOpen
ICSendMessage
ICClose
ICGetInfo

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ