Static task: static1
Behavioral task: behavioral1
Sample: 02fd3fb90ba1b98cb2f3bac34c015013_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: 02fd3fb90ba1b98cb2f3bac34c015013_JaffaCakes118
Size: 819KB
MD5: 02fd3fb90ba1b98cb2f3bac34c015013
SHA1: 5b839127bdcd8bff119f9f117c6a5f72945343cb
SHA256: 8a890ec7883694a7251616d870ecb07da46dac82b5f576808fd030dcf2639e8d
SHA512: 63bea39dfad5d23b81e7c01c2f3492b41d18f737e56b60811377260bdd30735ec887db40a8d7a82f24042fed20baecca9520a58710c51565ac77073cb7fc26d8
SSDEEP: 24576:A2jQqhNe9N4L5NScW7UXZ5S03vSw4PrJsb5h:AjD7ASrkS0fSw4lu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02fd3fb90ba1b98cb2f3bac34c015013_JaffaCakes118
Files
02fd3fb90ba1b98cb2f3bac34c015013_JaffaCakes118.exe windows:4 windows x86 arch:x86
c780f651d68712341041085ba12675d7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
GetCurrentProcess
lstrcpynA
lstrcpynA
GetModuleHandleA
FindFirstVolumeW
lstrcpynA
WriteFile
GetFileType
lstrcatA
lstrcpynA
lstrcmpW
lstrcpynA
GetDiskFreeSpaceW
lstrcpynA
GetCurrentDirectoryA
GetSystemTime
SetThreadPriority
OpenMutexW
lstrcpynA
Heap32Next
GetPrivateProfileIntA
VirtualProtectEx
lstrcpynA
GetVolumeInformationA
lstrcpynA
GetDriveTypeW
lstrcpynA
ReadConsoleA
d3d8
DebugSetMute
ValidatePixelShader
Direct3DCreate8
ValidateVertexShader
Sections
.text Size: 18KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 796KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ