302fd0a8c3636577198c95f2e112e04a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

302fd0a8c3636577198c95f2e112e04a_JaffaCakes118
Size

11KB
MD5

302fd0a8c3636577198c95f2e112e04a
SHA1

2e499b35046b9d87ff49872e7f06138ced03449e
SHA256

e235ca54a98b63e0c46d87fb5678b99acc80f0bb6b079b4d6b5e94e5bb14f8ea
SHA512

e237b25a77c709341ed5d03dac74b461e81e043b249c10cacb0043722ffac5a2440a94fe19d32bfee4953d95f24c825e6bd4e5525f67680fd82c9db770366693
SSDEEP

192:VxCLiUxis7a8JXXZS5Xq3svW48BhW9p+8MoBqgtNdUa:LK97a6IwcvW48BhW9x1l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302fd0a8c3636577198c95f2e112e04a_JaffaCakes118

Files

302fd0a8c3636577198c95f2e112e04a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

306946973e6bb4adf95508e359828269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
FreeLibrary
UnhandledExceptionFilter
WriteConsoleW
VirtualAlloc
GetLocalTime
HeapAlloc
GetTickCount
SetHandleCount
GetACP
GetProcessHeap
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
SetFileAttributesW
ExitProcess
FindClose
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
SetStdHandle
SetConsoleCP
GetCommandLineW
GetCurrentProcess
GetDriveTypeW
GetOEMCP
GetLastError
RaiseException

advapi32

RegDeleteKeyA

user32

UnregisterClassA
MessageBoxA
SetCapture
SetDlgItemTextA
MoveWindow
GetFocus
CallWindowProcA

lz32

LZClose
LZRead
LZCopy

ole32

GetClassFile

msvcrt

_vsnwprintf
??2@YAPAXI@Z
__dllonexit

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ