101d1f0118d7f36bfff316ea9de19943_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

101d1f0118d7f36bfff316ea9de19943_JaffaCakes118
Size

186KB
MD5

101d1f0118d7f36bfff316ea9de19943
SHA1

714a786835b3b73dfdfd4749f70247010c3eab73
SHA256

8c2e0a9a22850f494a25ce0b551caf1a6f4df5b1145a9e4cb1481a0c0334ed46
SHA512

60a5f86afdebb3429fd5f335bd704c4ca118999a7e5bdeffef848ec5af23ddcc9b02a1f7ded70dd3f16903a12a862314bd733ff89aa8417baa646ed09c29cacb
SSDEEP

3072:m1YbnSAgxhBSZgV4ux1hFQkPzgKiWyd4gYgaLxaOgngavef:mibnZgxhBmgV42FjiNdR2Nh6w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101d1f0118d7f36bfff316ea9de19943_JaffaCakes118

Files

101d1f0118d7f36bfff316ea9de19943_JaffaCakes118
.exe windows:4 windows x86 arch:x86

342682021960c67c2c0d29ec15d8e7c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
_adjust_fdiv
memset
_onexit
?terminate@@YAXXZ
__set_app_type

kernel32

SetStdHandle
HeapAlloc
FreeEnvironmentStringsA
LeaveCriticalSection
GetSystemTimeAsFileTime
WideCharToMultiByte
CreateFileW
FreeLibrary
WaitForSingleObject
Sleep
GetStartupInfoW
InterlockedExchange
lstrcpyW
QueryPerformanceCounter
InitializeCriticalSection
GetOEMCP
WriteFile
GetCurrentProcess
OpenProcess
GetStdHandle
GetTempPathW
GetCPInfo
ResetEvent
FlushFileBuffers
LoadLibraryExW
lstrcpyA
ExitProcess
HeapDestroy
GetVersion
GetStringTypeW
GetCurrentProcessId
GetModuleHandleA
GetStartupInfoA
GetTickCount
SetLastError
VirtualProtect
GetACP
LoadResource
TlsAlloc
SetConsoleCP
GetModuleFileNameA

user32

GetSystemMetrics
PtInRect
ClientToScreen
SendMessageA
GetSysColor

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ