daea607efb0ca3f7a7adde64cef448d1_JaffaCakes118 | Triage

Sharing

General

Target

daea607efb0ca3f7a7adde64cef448d1_JaffaCakes118
Size

39KB
MD5

daea607efb0ca3f7a7adde64cef448d1
SHA1

e3c0cc79dbafdc40690e245bc729503f37d676e2
SHA256

bbea4015896c89488258ecc8e4cf888af32a7e93b1d6ae4bbdf597082ff2c85d
SHA512

ba2f4d056ad5c4b3703324528500fab4fe3c5ceb2c821432c4ac43d2ba80a40be12bc54dd47f886665d61713fafb3ccf08d8d1684e9389b5b8e57d47d627ed44
SSDEEP

768:kR28lrm/RDisiAMPuY9J4/OLVFSTKUJ3yh2ZPF2g3t3:kr2RmxYOLVFBVhKFL3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daea607efb0ca3f7a7adde64cef448d1_JaffaCakes118

Files

daea607efb0ca3f7a7adde64cef448d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8c612e8c4f9987d4f4f10bca45387cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetVersionExA
WaitForSingleObject
GetTimeFormatA
MultiByteToWideChar
GetProcessHeap
GetStringTypeA
SetErrorMode
WideCharToMultiByte
FileTimeToSystemTime
HeapCreate
FindResourceA
GlobalMemoryStatus
SetHandleCount
GetFileAttributesA
GetStdHandle
SetEvent
GlobalReAlloc
GetOEMCP
Sleep
CreateFileA
SetFilePointer
GetEnvironmentVariableA
GetTimeZoneInformation
InitializeCriticalSection
GetModuleFileNameA
lstrlenA
GetConsoleCP
EnterCriticalSection
ReadProcessMemory
RtlUnwind

msvcrt

_snwprintf
wcsncat
__set_app_type
fprintf
memmove

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ