Static task: static1
Behavioral task: behavioral1
Sample: ea76cca3572adea7e193a6d366f52ff3_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ea76cca3572adea7e193a6d366f52ff3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: ea76cca3572adea7e193a6d366f52ff3_JaffaCakes118
Size: 21KB
MD5: ea76cca3572adea7e193a6d366f52ff3
SHA1: 17387eaf49231a46ab2551e4fdaa5adfc466e601
SHA256: 94904d2a2b6896eeff97282ffb2742580f5688d2242ddc998af7e82068fae801
SHA512: d476738b04ffb1f16fc84039312dbf5eed27a0b1fd198204e5fc02a0b4e07e70732dc923c05ff41f59094c0753b684c53cbc1e3b56c6cba8c81abbfa5c054247
SSDEEP: 384:xLii5ooOOuK+vVCqqK50vvZs+prEyCbEIiW/5bwUJV4IVqsJ/qN4GskAFAw9leOL:xLii5/jBIiW/5bf4IVB/qN4R49
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea76cca3572adea7e193a6d366f52ff3_JaffaCakes118
Files
ea76cca3572adea7e193a6d366f52ff3_JaffaCakes118.exe windows:4 windows x86 arch:x86
8eb8d12bb8563a1d30ba8389391288b9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
WinExec
CopyFileA
lstrcpyA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetTickCount
lstrcatA
GetSystemDirectoryA
ExitThread
SetProcessWorkingSetSize
GetCurrentProcess
CreateProcessA
CreateThread
SetFileAttributesA
GetLastError
CloseHandle
ReleaseMutex
OpenMutexA
GetTempPathA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
WaitForSingleObject
ExitProcess
CreateMutexA
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
msvcrt
malloc
strcpy
atoi
strncpy
strcspn
strstr
exit
strcat
strncmp
_except_handler3
rand
memset
memcpy
sprintf
strlen
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE