421c6b75f8570ca0edbae933d548e9ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421c6b75f8570ca0edbae933d548e9ba_JaffaCakes118
Size

235KB
MD5

421c6b75f8570ca0edbae933d548e9ba
SHA1

92a4c0486aa0f6187083aa7a2b425c3f96d4f419
SHA256

dfcdea9cffdf9a2113391760f4450d585932f5cffa83e8b153273982678098aa
SHA512

040e6d708ff2567f7279ee51b7d746916fee3317e70bcf5f30e907eb81a9fea15d29908f6f8d422006a29ace8b05587f311d453de78c33fd315209062734e024
SSDEEP

6144:58xqrAJfIAUtcIcBdFIPC/S8i4XHhj1foorF:58xgOldFIKaMHnwoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421c6b75f8570ca0edbae933d548e9ba_JaffaCakes118

Files

421c6b75f8570ca0edbae933d548e9ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4a0865ba0b05532066253b35d5b8dc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

avifil32

AVIFileInit

user32

GetMessageW
TranslateMessage
DispatchMessageW
EnumWindowStationsW
PostThreadMessageW
UnregisterClassA

kernel32

GetDriveTypeW
GetCurrentProcessId
GetTempFileNameW
GetTempPathW
SetFilePointer
GetProcAddress
ExitProcess
LoadLibraryW
GetTickCount
CreateProcessW
GetSystemTimeAsFileTime
HeapFree
GetProcessHeap
HeapAlloc

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 5KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ