109c40c8b50d7ed56fc84eeabd4fa6a3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

109c40c8b50d7ed56fc84eeabd4fa6a3_JaffaCakes118
Size

64KB
MD5

109c40c8b50d7ed56fc84eeabd4fa6a3
SHA1

657a740bd5db3afe01475a242a1c54ca7a72f8e8
SHA256

624f93a27c1f6bc82fcb88b3e4d97865c9c0e8e4d63490e904e6510adbc6cc12
SHA512

11cad63e9bb762d50c1956f02c49fa492ab180566414049318f65ff5981ca18cde80b13ce8fca7c74258a45bb3c3e765ed360213bd76f7b499b512085ad415d3
SSDEEP

768:GBXf2yY3XTZymuMITRm4lI0GpvsLre8oDC7iFMHMEidcNAxx1CbNBBU9Ls:GBXM3XTmMINlgp2IDTt2NcfCBzUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
109c40c8b50d7ed56fc84eeabd4fa6a3_JaffaCakes118

Files

109c40c8b50d7ed56fc84eeabd4fa6a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a68adb9f9816537a535874c95d141c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
EnumTimeFormatsA
GetOEMCP
GetCommandLineA
GetThreadLocale
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ