11b9b20561dac82ae4168fd56d4773c5_JaffaCakes118 | Triage

Sharing

General

Target

11b9b20561dac82ae4168fd56d4773c5_JaffaCakes118
Size

216KB
MD5

11b9b20561dac82ae4168fd56d4773c5
SHA1

54bb8d191f1a272e9fa20be73fd5320343b9f571
SHA256

977806bbdb4d358b87c1d86b8b191f7bd0872eeaa58f09e05eb8cfef49ad0246
SHA512

a80e292db1edad8c6431ddcdbbddaff1e50216c25f2634f3cad82b117015c8b75a16fc1aa913732b2c33bebf59a99665c6f427533457d17842300467aea3a8b2
SSDEEP

3072:XTtmiBW1gmILXF2adbNRurUXLbVxLanTQmutOmXtspt1ENdZQH3MjH12letwRfVJ:XQiQK7zhnXLact

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b9b20561dac82ae4168fd56d4773c5_JaffaCakes118

Files

11b9b20561dac82ae4168fd56d4773c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

157955124ed1308a299e966449e10d3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
Sleep
SetLastError
UnhandledExceptionFilter
GetLastError
UnmapViewOfFile
SetEndOfFile
OutputDebugStringA
DeleteFileA
GetFileAttributesExA
GetProcAddress
GetModuleHandleA
FreeLibrary
MapViewOfFile
GetTempFileNameA
HeapAlloc
GetCurrentProcessId
FindNextFileA
WriteFile
FindClose
GetFullPathNameA
GetPrivateProfileSectionA
SetErrorMode
HeapFree
GetSystemTimeAsFileTime
GetFileSize
OpenProcess
CloseHandle
GetPrivateProfileStringA
GetTickCount
GetProcessHeap
SetUnhandledExceptionFilter
GetCurrentThreadId
SetCurrentDirectoryA
GetModuleHandleW
TerminateProcess
CreateFileMappingA
ExpandEnvironmentStringsA
LocalAlloc
SetFilePointer
RemoveDirectoryA
LocalFree
SetFileAttributesA
QueryPerformanceCounter
CreateFileA
CompareStringW
CompareStringA
LoadLibraryA

user32

AdjustWindowRect
IsClipboardFormatAvailable
GetWindowRect

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ