Static task
static1
Behavioral task
behavioral1
Sample
091334426ff08024f5abc8b5b673c704_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
091334426ff08024f5abc8b5b673c704_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 091334426ff08024f5abc8b5b673c704_JaffaCakes118
Size: 159KB
MD5: 091334426ff08024f5abc8b5b673c704
SHA1: 6f8ac497c8b710b699f446fe6905dab1c26adad0
SHA256: 73fbd489773ce9d208d56de6a96fe706bef9feffd628a439a1a366096d496e0c
SHA512: 322640756a670b1414d2713fc324d98b9c80218173ff8a14f0598d59d4f4dd54b26cab973fc0ad51c5e32cb0e1d413f3c9489dddf3d91a94240987841a22e499
SSDEEP: 3072:kYbMmp+1qgxokFf/C20z+S0GoUM5ZGKyEBL24iDJz1fb:kYblgjM+SzLkQK1d2DDJZ
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 091334426ff08024f5abc8b5b673c704_JaffaCakes118
Files
091334426ff08024f5abc8b5b673c704_JaffaCakes118.exe windows:4 windows x86 arch:x86
569f3982cd4ab68fd63f17907d746573
Headers
File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
user32
    EnumDisplaySettingsW
kernel32
    ReplaceFileW
    UnhandledExceptionFilter
    Sleep
    GetStartupInfoW
    GetSystemTimeAsFileTime
    TerminateProcess
    GetProcessId
    GetCurrentProcessId
    SetUnhandledExceptionFilter
    EnumResourceTypesA
    GetTickCount
    IsDebuggerPresent
    InterlockedExchange
    ExitProcess
    QueryPerformanceCounter
    InterlockedCompareExchange
    GetCurrentThreadId
    GetCurrentProcess
shell32
    ShellExecuteW
clusapi
    CloseCluster
comctl32
    InitCommonControlsEx
advapi32
    RegSetValueExW
    RegOpenKeyExW
    RegCloseKey
    RegQueryValueExW
Sections
.text Size: 93KB - Virtual size: 92KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1000B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 63KB - Virtual size: 63KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 96KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ