42bdd2afc1e07ab83c1bf2a6ddb2c0d3_JaffaCakes118 | Triage

Sharing

General

Target

42bdd2afc1e07ab83c1bf2a6ddb2c0d3_JaffaCakes118
Size

770KB
MD5

42bdd2afc1e07ab83c1bf2a6ddb2c0d3
SHA1

a5d99fcab5da968fceb91da4871e6ecf6f2ac969
SHA256

b73d62ab32e93eb84d52ab4446fe1fac25e4c13c46fad3f955a1fbb67f3e6add
SHA512

291b0898ea1f3de50a0a5de8fba0f00b25571004fefc1b94261c0166ea1e7d96dd215246eae55e7655e03b51e4d2c007ef8b76cbcef07ee643adc33e2948e695
SSDEEP

6144:CdeD0PPk73zHhqKJ/YJhQuzAjHTlxGiU7/B7jyUNw1q/oTJLrkySeBtMi2KB:ClPkdshQuiHBxGiOq0mqAxrpdgfC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42bdd2afc1e07ab83c1bf2a6ddb2c0d3_JaffaCakes118

Files

42bdd2afc1e07ab83c1bf2a6ddb2c0d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec425a60d501003c95b3be124a4479fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
LoadCursorA
GetParent

kernel32

VirtualAlloc
GetStartupInfoA
RaiseException
SizeofResource
GetLastError
GetModuleHandleA
GetUserDefaultLangID
GetCurrentProcess
GetVersion
GetSystemDefaultLangID
GetModuleHandleW
GetCurrentThread
GetTickCount
GetCommandLineA
GetCurrentProcessId
GetUserDefaultLCID
GetThreadLocale
TlsFree
IsBadReadPtr
GetVersionExA
CreateFileW
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
FindNextFileW
InitializeCriticalSection
CreateThread

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 814KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ