e1467021634e8322def2b7c0d1af78fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1467021634e8322def2b7c0d1af78fb_JaffaCakes118
Size

181KB
MD5

e1467021634e8322def2b7c0d1af78fb
SHA1

dfe7a62551075aa0081608e1dba574c84e93f10b
SHA256

768e9595201bb927763a1de3f9e637dba00f77019a78076fe531212524411a2b
SHA512

f56d0f800350a106121b90dd0fb00e9fed86d1eace022ad5a3e54e3a9a4170b8e619ef23ab29e814e92c0e71c3f2590d5bb2b1e6f6f4e9b36265ff7ff392c1ef
SSDEEP

3072:b9vL9nuKto4nDbfagCqKZk5yY/FMRKSZGq9STBpjoE5zQVDV7tfR2OhKkVRRW6Gl:RvLs4nDWgRAkPFkpgTBpL5Y57tZ2OLYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1467021634e8322def2b7c0d1af78fb_JaffaCakes118

Files

e1467021634e8322def2b7c0d1af78fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4175c47e9ab80aa8ff4d1eb7b477c81d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
FreeResource
lstrlenA
GetLocalTime
GetTickCount
WriteFile
SizeofResource
CreateFileA
LoadResource
FindResourceA
GetModuleHandleA
MoveFileA
LockResource
DeleteFileA
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
Sleep
CreateThread
WinExec
ExitProcess
GetFileAttributesA
GetWindowsDirectoryA
LoadLibraryA
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetProcAddress

msvcrt

_onexit
__dllonexit
exit
fopen
fwrite
fclose
??2@YAPAXI@Z
memset
_strrev

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 672B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 32B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ