016f3282278f10a0d65314abe1f9c3f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

016f3282278f10a0d65314abe1f9c3f8_JaffaCakes118
Size

239KB
MD5

016f3282278f10a0d65314abe1f9c3f8
SHA1

89901f62f3609344b759cc5ee1e1a5dd2c297fef
SHA256

c03b776eb4ba1b88dd129ea7ce597b697dc02dcae2c17e21a2f324a10f1350fa
SHA512

aead68e047ae9a0e5c21b5fa418d0a980f6798f6d10779d8d86cb3f9a6e568eff7e4fec2ad7c44edaec4ba8a305cb361d66e8c962b2392724125522a5a1d3c31
SSDEEP

6144:9IuMI4W001OsotCZmi2/mGY4JtGDeY/yZbUPgBfi/YEV6Z:WeV0/sYCZbzd4k1Eghpw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
016f3282278f10a0d65314abe1f9c3f8_JaffaCakes118

Files

016f3282278f10a0d65314abe1f9c3f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa34f7dfbdc55fc17b875d26370ff941

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

msvcrt

_exit
__set_app_type
_adjust_fdiv
_c_exit
__p__commode
_onexit
__getmainargs
_XcptFilter
_CxxThrowException
__dllonexit
_initterm
__CxxFrameHandler
__p__fmode
exit
_amsg_exit
memset
_acmdln
_cexit
_except_handler3

kernel32

AttachConsole
GetCommandLineW
GetLastError
lstrlenA
GetFileSize
LocalAlloc
ExitProcess
LocalFree
WideCharToMultiByte
SizeofResource
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameA
QueryPerformanceCounter

user32

SetTimer
GetSystemMetrics
MoveWindow
EnableWindow
TranslateAcceleratorA
SetCursor
SendMessageA
GetClassNameA
GetParent
KillTimer
DestroyIcon
GetMessageW
EndPaint
EnumWindowStationsA
DestroyWindow
TranslateMessage
PostThreadMessageA
GetClientRect
MessageBeep

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dir
Size: 11KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ