d1f2bd93b566699b89de3a21e5a3b085_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1f2bd93b566699b89de3a21e5a3b085_JaffaCakes118
Size

47KB
MD5

d1f2bd93b566699b89de3a21e5a3b085
SHA1

08518fe56a2577d07e0b82a470f8198aace0e9c3
SHA256

3dc6b5de856447fe32e15a1e24bd00e4e2ffe92c5eaeb473e4e30ee55fb38cc3
SHA512

36f320473b14d2969aa5017b84540bce54d28d4e853fcbb9590ce661dfcaa8de0d69db280f0845a8dadadbc969164e73cb9c8fdbcd49f2b50a76580d08dba7b2
SSDEEP

768:yEEyzyg2aAindmhbSBkXvFLtqxlSnfTotqwWtBd1PvtnBgHXXXzXXXLXXXxC/EX/:ZH2ahdmhOBkXtMx4N5BfMHXXXzXXXLX/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1f2bd93b566699b89de3a21e5a3b085_JaffaCakes118

Files

d1f2bd93b566699b89de3a21e5a3b085_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92b398f08b2cb28b4880cd6d9379ce5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
GetFileSize
GetLastError
CreateFileA
WriteFile
GetCurrentProcess
LoadLibraryExA
VirtualFree
QueryPerformanceCounter
ExitProcess
GetEnvironmentVariableA
GetVersionExA
SetThreadPriority
GetCurrentThread
SetPriorityClass
VirtualAlloc
MultiByteToWideChar
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
RtlUnwind

advapi32

GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityA
OpenProcessToken

imagehlp

CheckSumMappedFile

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 11B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ