119cb2c189d462119449e7e5ae9a6499_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

119cb2c189d462119449e7e5ae9a6499_JaffaCakes118
Size

21KB
MD5

119cb2c189d462119449e7e5ae9a6499
SHA1

77bf9d52d7af767535b8836c4a8446ac5d5ffb79
SHA256

99f12d566d3f09ea5ec04414bb0b411e6926599eba2ec48b6f097fd85d846d70
SHA512

d7e081a1464f6b135b66c7d7574a6e11cf7834e5e6b619e7b679f5c8cd8b33f3d6c7bba828794d55fb2a2876e3a93be91847957445618a7590858f83360dd746
SSDEEP

384:9oXXV/mbgf1AJht6YvX6q7mb2eN+TYwDPH2wD+unHrhffo9xa+DFw:LQ1AJDdqqxeNKWwCofo9J5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
119cb2c189d462119449e7e5ae9a6499_JaffaCakes118

Files

119cb2c189d462119449e7e5ae9a6499_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13c15f22bd861711eb61bc225a912a40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_beep
_exit

urlmon

CopyStgMedium

atmlib

ATMAddFontA

kernel32

GlobalAlloc
TerminateProcess
GetModuleHandleA
GetCurrentThreadId
GlobalUnlock
GetCurrentProcessId
VirtualAlloc
GetLastError
GetProcAddress
GetTickCount
QueryPerformanceCounter
GlobalFree
GlobalLock
GetSystemTimeAsFileTime
GlobalHandle
SetUnhandledExceptionFilter

Sections

.data
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textbss
Size: 512B - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE