fb59a5eb10139ad6af73778853dfafc0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb59a5eb10139ad6af73778853dfafc0_JaffaCakes118
Size

43KB
MD5

fb59a5eb10139ad6af73778853dfafc0
SHA1

a361d534698b682c26abb373bb5e77ef61a55db1
SHA256

f2719d1a893936f4eea2a2acf53284462ca56100a7f6f5758a8f837a5b538a23
SHA512

b7569c09b5415993a9ee7ef071a733659c090e5f0316b4f3aad13b4daaad20a7787cce516b9fbb6b639dcd559729061b0e68840f235020cba9afbc42e18ea04e
SSDEEP

768:kliUhvRKqRWkO1bDF9dbz2umQWQeQ6ZzrOAN0QS2yO7QtvHAuH9YyHcj53PmOkpm:0iU75uxdbz2N5B1Z3jUWKYuHHcj53wpm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb59a5eb10139ad6af73778853dfafc0_JaffaCakes118

Files

fb59a5eb10139ad6af73778853dfafc0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0642bab98b4e231f8044a0bf8fac3406

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTimeAsFileTime
GetModuleFileNameA
CopyFileW
MultiByteToWideChar
WriteFile
SetFileTime
GetDriveTypeW
CreateThread
GetSystemTime
ReleaseMutex
CloseHandle
lstrcmpiA
GlobalLock
CreateProcessW
SetLastError
GetCurrentThread
FlushFileBuffers
GetCommandLineA
lstrcpynW
HeapFree
GetModuleHandleA
ExpandEnvironmentStringsW
lstrlenA
HeapAlloc
SetFileAttributesW
OpenProcess
GetUserDefaultUILanguage
FindClose
CreateFileMappingW

Sections

.zwfst
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xmpyl
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.veruj
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ