e0d444579a45a94a4161ff322765fb66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0d444579a45a94a4161ff322765fb66_JaffaCakes118
Size

39KB
MD5

e0d444579a45a94a4161ff322765fb66
SHA1

45e280bbb5888604bcd63599bd9fd3af7e0cea53
SHA256

1a6dcc292724a73b0fd090b8e50fcbad4477491a7594e7207a2b3321bdea7b58
SHA512

dbf1ecd10be600db106ae7082a257ed74167ef500dc8bfd69f4cf18ceab631f153ad24e72aabc7f5d3ad145c9969a4ccb71810035d76ca39c53c091f11fb8f5c
SSDEEP

768:SB8P/fbVGlS+/yrISrlCs/xVRPtc4+ve5ymdROg:S4VGlJqflF/rRVc4IiymTOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0d444579a45a94a4161ff322765fb66_JaffaCakes118

Files

e0d444579a45a94a4161ff322765fb66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78ef2134f4310e27ca152e2f6417ba42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
VirtualAlloc
lstrcatA
lstrcpynA
ExpandEnvironmentStringsA
GetModuleHandleA
LoadLibraryA
lstrcpyA
CloseHandle
GetCommandLineA
GetStringTypeA
LCMapStringW
LCMapStringA
TlsGetValue
GetModuleFileNameA
MultiByteToWideChar
GetProcAddress
HeapReAlloc
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetACP
GetOEMCP
HeapAlloc
GetStringTypeW

user32

KillTimer
GetQueueStatus

gdi32

CreateCompatibleDC

comdlg32

ChooseFontA

ole32

CoInitialize

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ