096608ce6c3744c14c2e2468f5303168_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

096608ce6c3744c14c2e2468f5303168_JaffaCakes118
Size

818KB
MD5

096608ce6c3744c14c2e2468f5303168
SHA1

d974da5fe51ec544f4dfded2eeecc62591a81e0b
SHA256

6c68783ae3e37b233521c4667c8db2d35f3ce40297f6265b1fd1f75a921fcf76
SHA512

6892cc2ce7175fc3879537bd784b7e453a17302f4387bfb8d6b32b9b2090e947120aeab40b3d87271c9ba963c5a48bf92c4ebe10d173b00b11729ba27315338c
SSDEEP

12288:yrLa0c3G3FKwtmxmXK6vHB8HMI2kw8Vj4BklrcEhQq3IV+M2rHcVEfLfOU5JRw:yrmx21rtm0xvBtqwQ8UcEpuVE6GJq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
096608ce6c3744c14c2e2468f5303168_JaffaCakes118

Files

096608ce6c3744c14c2e2468f5303168_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e516cae509f6330fd15e44be61790af8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynA
ReadFile
VirtualFree
ReadConsoleA
SetThreadPriority
GetFileType
lstrcpynA
GetCurrentDirectoryA
FormatMessageW
lstrcpynA
GetSystemTime
lstrcatA
GetModuleHandleA
lstrcpynA
GetPrivateProfileIntA
VirtualProtectEx
lstrcpynA
GetCurrentThreadId
lstrcpynA
lstrcpynA
lstrcmpA
lstrcpynA
OpenMutexW
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetDiskFreeSpaceW
lstrcpynA
Heap32First

cmdial32

InetDialHandler
RasCustomDial
RasCustomDialDlg
AutoDialFunc

Sections

.text
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 795KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ