02b656c5c79242dda4bfb51777a758ee_JaffaCakes118 | Triage

Sharing

General

Target

02b656c5c79242dda4bfb51777a758ee_JaffaCakes118
Size

25KB
MD5

02b656c5c79242dda4bfb51777a758ee
SHA1

36ee36c1566a036595a2c33ac79a30f5bf1464d0
SHA256

df91b8fbec1d3a6e43771101014326747f8dd3195e0a963ffc93452dc71ab540
SHA512

0c723919976cf35ee24334c72e6f473cfe56a80637392ea72cd1c08b304512bb2235a80c4d97797b8d73e0ad63db11088c327f8a89ccf153dab5391757dac6af
SSDEEP

768:NCZK3MhKc4erJik/d0pycKKd8+kF1C6g0:IZmyKcZ1l0AcD8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b656c5c79242dda4bfb51777a758ee_JaffaCakes118

Files

02b656c5c79242dda4bfb51777a758ee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a62180f0fa4472423244f7dd9a97f3c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GlobalAlloc
RtlUnwind
FindClose
GetModuleHandleA
SetLastError
FindResourceExW
CreateFileA
SetConsoleCP
GetVersionExW
VirtualProtect
GetStartupInfoA
GetLastError
UnlockFile
SetThreadPriority
HeapAlloc
SetFilePointer
DebugBreak
lstrcmpiW
GetCurrentProcess
ExitProcess
FreeLibrary
lstrcmpA
TlsGetValue
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
GetConsoleOutputCP
GetCurrentThreadId
MultiByteToWideChar
FreeEnvironmentStringsA
SetStdHandle
GetTickCount
GetSystemTimeAsFileTime

user32

CharNextW
PostQuitMessage
ScreenToClient
EnumChildWindows

ole32

CoCancelCall

advapi32

OpenThreadToken
RegCloseKey
RegQueryValueExW

msvcrt

??3@YAXPAX@Z
_errno
_amsg_exit
_initterm

lz32

LZClose

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 21KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ