Sample: 091ab42c9db42775fc75e030179aa59a_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 091ab42c9db42775fc75e030179aa59a_JaffaCakes118
Size: 819KB
MD5: 091ab42c9db42775fc75e030179aa59a
SHA1: 23103793ce92b101f672e9c33b9d8be8d0a71634
SHA256: 274452e26ac1d6a4ce789f1cbe89b96638b5d8054d1db9b27a6a8c043ff41b3b
SHA512: 4f989e757844d9383465ad3d9f77681304737ab36b4b08dd2d835b5b30c3d69771f81ae5315ecd868ce2d1e82972028c63f10b2ce361be77c0368950af3e22b1
SSDEEP: 12288:hCa5g925Opdh6cwQnn+RM2IQZXiQc7Z5WtYW8nz4tBU3yxWcgeOQtuNAIA0+n:hP5AOmWQGjZyQc7ZMeWUshWcHgNAIAp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 091ab42c9db42775fc75e030179aa59a_JaffaCakes118
Files
091ab42c9db42775fc75e030179aa59a_JaffaCakes118.exe windows:4 windows x86 arch:x86
590b385ec0c4a5188a4e3dd30e809fb5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameW
Beep
Beep
GetModuleHandleA
Beep
Beep
DeleteFileW
Beep
Beep
lstrlenW
GetCommandLineA
VirtualQuery
SetLocaleInfoA
Beep
TlsSetValue
GetPrivateProfileIntA
TlsGetValue
WriteConsoleW
GetFullPathNameW
GetCurrentThreadId
Beep
Beep
FormatMessageA
SetCurrentDirectoryW
lstrcatA
SetThreadPriority
ReleaseMutex
Beep
VirtualProtect
catsrv
CreateComponentLibraryTS
GetCatalogCRMClerk
OpenComponentLibraryTS
DllCanUnloadNow
Sections
.text Size: 15KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE
.data Size: 797KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ