dfb6e14c6eb3b46580514957ec8f108a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfb6e14c6eb3b46580514957ec8f108a_JaffaCakes118
Size

432KB
MD5

dfb6e14c6eb3b46580514957ec8f108a
SHA1

3aa63cd50589cfe55afa1183ad332db41e9fa5cc
SHA256

3aefaef3bbe2e075ab593802d72be7c1b999a28b12f9418cccb43dcf3054134a
SHA512

c4af656049068fafce523775546fcca34b4a5bf4d59cf1865af704b9b8f0dcbc492bc6783393dad8fab8ae742ebb1da3298ef703d33e95234a38c262b23be278
SSDEEP

12288:Cp5MAQu4svvmzMBfhpL7vAf9qExp8VxnwhpHFMEdAhvGP:c+ASA8uhZTpExSVhwhBKEdAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfb6e14c6eb3b46580514957ec8f108a_JaffaCakes118

Files

dfb6e14c6eb3b46580514957ec8f108a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f49d0718c83a6efb2cfddff662426304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
SetLastError
GetCurrentThreadId
GetFileType
Sleep
InterlockedDecrement
SetEnvironmentVariableA
GetStringTypeW
WriteFile
ReadFile
lstrcmpA
WideCharToMultiByte
RaiseException
GetCommandLineA
HeapSize
LocalAlloc
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
QueryPerformanceCounter
GetOEMCP
GetStdHandle
HeapAlloc
VirtualAlloc
GetModuleHandleA
GetStartupInfoA
GetVersion
GetProcAddress
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
LCMapStringA
LCMapStringW

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ