d7057cd7c704835023cf0a9f3512dc40_JaffaCakes118 | Triage

Sharing

General

Target

d7057cd7c704835023cf0a9f3512dc40_JaffaCakes118
Size

279KB
MD5

d7057cd7c704835023cf0a9f3512dc40
SHA1

6245880311b754c014224fa48bfc8fec0e6f8d10
SHA256

089baa45776805489941a95004825d83f134efed9f1fdbaccb204fc113cc1900
SHA512

d1755450713e448c76f88a7e854235de5a8bd5feaf2fabbe24e539212d1b49ed88aaefa48a88d6dfd48b628a6861cf5176b3291c09ea6d1a940848e753504c0c
SSDEEP

3072:wCgXaNG0g0bx/InJO4UGKoAosq0L82qY9eBQsWIO6J/f6G94N5qskXX:wC+aN/g0pDBoZ9Y9eQsWIb/iG94Hqp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7057cd7c704835023cf0a9f3512dc40_JaffaCakes118

Files

d7057cd7c704835023cf0a9f3512dc40_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a04f6089d5c9e77d783fdeefeb574c6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetFileTime
WaitForSingleObject
GlobalAddAtomA
ReadProcessMemory
TerminateThread
FileTimeToLocalFileTime
GetModuleHandleA
GetCPInfo
LoadLibraryW
lstrcmpA
QueryPerformanceCounter
Sleep
DeleteCriticalSection
GetVersion
GetStartupInfoA
ResumeThread
CreateToolhelp32Snapshot
GetSystemInfo
GetACP
LeaveCriticalSection
LocalFree
TlsAlloc
CreateFileA
LoadLibraryA
SetThreadAffinityMask

msvcrt

_flushall
_wmakepath
atol
_adjust_fdiv
_mbctohira
__set_app_type
_setjmp3
_safe_fprem
wprintf
__p__fmode
_XcptFilter
_logb
exit
_spawnve
_mbslwr
memcpy
_atoldbl
iswxdigit
_initterm
isupper
__getmainargs
_fpreset
_fileno
_ismbbkprint
wcspbrk
_wspawnlpe
wcslen
_controlfp
_getmaxstdio
__setusermatherr
__p__commode
_mbsspnp
_acmdln
printf
_exit
_except_handler3
_ismbblead

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ