122092371b20541a0e97ae905d67c721_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

122092371b20541a0e97ae905d67c721_JaffaCakes118
Size

40KB
MD5

122092371b20541a0e97ae905d67c721
SHA1

8810e2bf07fbe0d90880ef2323abaa072510590b
SHA256

1e43142e956db83702296cc324b90d6580572c3c4d6b2b8fd49114ef970a9e08
SHA512

0b6f4422b2e5369223155f5f31dd12bf52897ab631ceecf71e872e63e5b2b02a9afcae6d75a2356a314a43de2f846f203535def039c3316dd5d9a625613639a2
SSDEEP

768:+LbkgwarwZT67VBtQAUlm4lRpz4Eun3FLcc:2DwZTAVBtQAClv0Ewb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
122092371b20541a0e97ae905d67c721_JaffaCakes118

Files

122092371b20541a0e97ae905d67c721_JaffaCakes118
.exe windows:4 windows x86 arch:x86

831fd67779af159245c9868d7b1893ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetCommandLineA
GetOEMCP
GetThreadLocale
GetModuleHandleA
QueryPerformanceCounter
EnumTimeFormatsA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ