1136147e0983bb31573c0b872bec3cb0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1136147e0983bb31573c0b872bec3cb0_JaffaCakes118
Size

312KB
MD5

1136147e0983bb31573c0b872bec3cb0
SHA1

f227c0b6228f44fc06d42f30d1a65c0dc68df6cf
SHA256

23cabfb33087c0f68e002ba428c9562eca6c549afa5db925d946874ec30b08cd
SHA512

f3c7781982ed4cfa6983bdb1a7ebda269ff7785efbaac1b454ef0408b4377e99646a4d2e02276eede31429aa9cf1d9af73db360e8cef49fca6148d596b2da1ca
SSDEEP

6144:1+VzthHIGNGDmHuQOWgAm0SJP3ZUeaUGGGqZPx9u2I4BjC6YynyOuv5:1+ZthlNGDiuQOWpNSJhUnK5Q29C6YB5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1136147e0983bb31573c0b872bec3cb0_JaffaCakes118

Files

1136147e0983bb31573c0b872bec3cb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e02abf06b993806111a315a84ab372a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SetFilePointer
lstrlenA
GetLocalTime
ReadFile
GetFileSize
GetProcAddress
LoadLibraryA
WinExec
OutputDebugStringA
GetModuleFileNameA
GetWindowsDirectoryA
GetTickCount
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
GetLastError
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE