13f9e8dcf7a2a6a37ebcddd8207c9af5_JaffaCakes118 | Triage

Sharing

General

Target

13f9e8dcf7a2a6a37ebcddd8207c9af5_JaffaCakes118
Size

55KB
MD5

13f9e8dcf7a2a6a37ebcddd8207c9af5
SHA1

666a2c4a76be320155f22902250d8137f04fd2a3
SHA256

19a4c15bac540d2fd6117be0480b69cc258776bf07d7bb0c0cd6e09cc6091be0
SHA512

180f582d31d42a74744a817a8bed6025559c75e802ae70f73df87d15403963599de026a9009de9a7ec14bade534b94ca61996c5d28745a73f3ec54906f4862c2
SSDEEP

768:3Dy+MqkA9xcF6fJfl7fpnnsk3/Fv+AeUF36EEQcPRZ0FGmJR+aXoT8NG3i5gVYqL:1c6f1TstAxF36EEQcPy35XXGi53qy691

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f9e8dcf7a2a6a37ebcddd8207c9af5_JaffaCakes118

Files

13f9e8dcf7a2a6a37ebcddd8207c9af5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0763de8e82e87bbbe4409b04e764540d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrChrA
StrStrA
StrToIntA

user32

PostThreadMessageA
wsprintfA

ole32

CoCreateGuid

msvcrt

__setusermatherr
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__CxxFrameHandler
strlen
memcpy
time
srand
rand
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
_adjust_fdiv

kernel32

GetStartupInfoA
GetModuleHandleA
DeleteFileA
GetModuleFileNameA
SetFilePointer
ReadFile
CreateMutexA
GetLastError
GetFileAttributesExA
ReleaseMutex
lstrcpyA
lstrlenA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
WriteFile
GetSystemDirectoryA
lstrcatA
CloseHandle
GetFileTime
SetFileTime
WaitForSingleObject

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mytyj
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE