28c9e11ceb9490542c44598ee5b49116_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28c9e11ceb9490542c44598ee5b49116_JaffaCakes118
Size

239KB
MD5

28c9e11ceb9490542c44598ee5b49116
SHA1

ad5e0b1bbf1f862588d4a532e7040a8113f2e21f
SHA256

e5192ebc3725edc9f3e94797ce6707798899c0879d269f62fab0cb36cbfea171
SHA512

be8ca0370ac53160e3ccc11d5139515e24cf9841ba7d986e54abe84381d377e5b8bb5be3f52d5c71bc78c3081605bde96368d1175aa12be2ef697b122ffed722
SSDEEP

6144:SkS18M7lKcsbHQtaC+id24gpmdXYzVDdmetegIVguNZPqP:Sk3M7lKZbH6oe24UmRYrmvgItNA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28c9e11ceb9490542c44598ee5b49116_JaffaCakes118

Files

28c9e11ceb9490542c44598ee5b49116_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e1308e593ffea122294714dbc3498c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrChrW
StrStrW

kernel32

GetStartupInfoA
GetModuleHandleA
FormatMessageW
LocalAlloc
Sleep
GetCommandLineW
SetErrorMode
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
lstrcpynW
lstrlenW
lstrcmpW
lstrlenA
GetLocalTime
lstrcpyW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetTempPathW
LocalFree

user32

wsprintfW

shell32

CommandLineToArgvW

ole32

CoInitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

__dllonexit
exit
_XcptFilter
_exit
_onexit
_acmdln
__set_app_type
__p__fmode
__p__commode
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
_except_handler3
__getmainargs
__CxxFrameHandler
??2@YAPAXI@Z
memset
memcpy
strlen
_CxxThrowException
free
??1type_info@@UAE@XZ

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ