17518193ac001d0821f13b22a7f3595c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17518193ac001d0821f13b22a7f3595c_JaffaCakes118
Size

32KB
MD5

17518193ac001d0821f13b22a7f3595c
SHA1

2286fad6875fb82ffb2835e034869965aac21f53
SHA256

6926287ef6b2c1dc33f8501a3846120b537f2ab11ecc07b1c15335ba92ff32ca
SHA512

041c24298d8a8a7d87c76dbf3eb18e1b37ac81fa0db1c748aef66236b3b7ac64c65b77692dc26fd9c4becc8fb24da7f6d218c41ad18be7aea918c968a94eae0b
SSDEEP

384:HFwVCYbrz/mq7JhqLCYttnLA52RJ1Qfewt2HIoLnW:sBbrz/mszY1Lg2NQQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17518193ac001d0821f13b22a7f3595c_JaffaCakes118

Files

17518193ac001d0821f13b22a7f3595c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b192d18ab95ee6aa48a6e6e6be68d431

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
ResetEvent
GetSystemTimeAsFileTime
CreateProcessA
GetEnvironmentStrings
GetWindowsDirectoryA
SystemTimeToFileTime
FileTimeToLocalFileTime
FreeEnvironmentStringsA
GetCurrentThreadId
CreateMutexA
GetVersionExA
CloseHandle
WaitForMultipleObjects
IsDebuggerPresent
IsBadWritePtr
lstrcpyA
DuplicateHandle
OpenProcess
CreateEventA
FileTimeToSystemTime
SetEvent
TerminateProcess
GetModuleHandleA
ReadFile
CreateFileA
VirtualAlloc
ExitProcess
LocalFree
FormatMessageA

user32

wsprintfA
MessageBoxA

ole32

StringFromGUID2
CoTaskMemRealloc
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

LoadRegTypeLi
LoadTypeLi

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ