03e1052c2cbb8c3c05a14f73e0990e0c_JaffaCakes118 | Triage

Sharing

General

Target

03e1052c2cbb8c3c05a14f73e0990e0c_JaffaCakes118
Size

563KB
MD5

03e1052c2cbb8c3c05a14f73e0990e0c
SHA1

8ac676ea98238af00931cfbfc7b8731fda8b10a3
SHA256

1e4dfcc27bd9caf4d1dbfcfcc896ea243720c4ecbc36585ee656b7ce88939a14
SHA512

dbc038e433d83d78e73f13b8cb8a5ef88195487f4e61fd188a3edf16f77e9316db8ef2f123e4ac8c7b3312b25b3c777921f13c21024081de6f8ec9bba49e7050
SSDEEP

12288:vesfVYLFNcCh1zj8SdeoRWKCd8PAn8HjzxO6JF3nT:vtAEafdwdjEjzRRnT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03e1052c2cbb8c3c05a14f73e0990e0c_JaffaCakes118

Files

03e1052c2cbb8c3c05a14f73e0990e0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

faddb556325940dc2b27dd24d79831a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
FindResourceA
GetVersion
ExitProcess
TlsSetValue
GetTickCount
TlsGetValue
CreateEventA
GlobalAlloc
LoadResource
HeapReAlloc
GetSystemTimeAsFileTime
CloseHandle
GetCurrentProcess
WriteFile
ReadFile
SetFilePointer
GetStringTypeA
WideCharToMultiByte
SetStdHandle
GetCommandLineA
FreeEnvironmentStringsW
MultiByteToWideChar
UnhandledExceptionFilter
DeleteFileA
GetCurrentProcessId
LeaveCriticalSection
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetModuleFileNameA
GetCommandLineW
LoadLibraryA
HeapAlloc
IsDebuggerPresent
FreeLibrary
WaitForSingleObject
lstrcmpiA
lstrlenA
SetHandleCount
ReleaseMutex
EnterCriticalSection
GetStdHandle
VirtualAlloc

user32

DestroyMenu
GetClientRect
wsprintfA
ClientToScreen
DestroyWindow
GetSystemMetrics
SetWindowPos
MoveWindow
EnableWindow
GetParent
ShowWindow
ReleaseDC

Sections

.text
Size: 523KB - Virtual size: 522KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ