272cde78e5bd255c34c44c530583cb3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

272cde78e5bd255c34c44c530583cb3a_JaffaCakes118
Size

47KB
MD5

272cde78e5bd255c34c44c530583cb3a
SHA1

ffb57d86f7240a41de89e0ce36e0bd8b17a36f2e
SHA256

f3a9c5f834a9ce08d571e3b2785aff30de8114f8557c30462249078bb3d781ee
SHA512

1b4f6b77de27d19eb8c97f9b4a1b475b4de8d0e6642400c0db1b2666e0826898e0d79913552836c95a68899b480de097b3a8880409cf442710631cc4104a31f8
SSDEEP

768:FO5js5R4YuraZ0cB8ya3ZFjclUKKcTKwCXxmHSKfD3ypIUgIHEcoytGz9u8E8oTK:FwMurY8yaT8U6KxmHRbCpI2Voyt+9u8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/movie1080p.mkv.exe

Files

272cde78e5bd255c34c44c530583cb3a_JaffaCakes118
.zip
movie1080p.mkv.zip
.zip
movie1080p.mkv.exe
.exe windows:4 windows x86 arch:x86

f150b1f1fc57e584bebc7db591e277a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
CreateNamedPipeA
GetModuleHandleA
Sleep
GetProcessHeap
GetStdHandle
DeleteFileA
GetDriveTypeW
SetLastError
FileTimeToLocalFileTime
GetVolumePathNameA
lstrlenA
lstrcmpiA
IsValidLocale
HeapCreate
GetModuleFileNameA
lstrcmpiA
WaitForSingleObject
lstrcmpiA
CreateMailslotA
lstrcmpiA
GetLogicalDriveStringsA
lstrcmpiA

scecli

DeltaNotify
SceSysPrep
SceOpenPolicy
InitializeChangeNotify

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ