542b6a287b737256f09d7713dccbb6b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

542b6a287b737256f09d7713dccbb6b5_JaffaCakes118
Size

177KB
MD5

542b6a287b737256f09d7713dccbb6b5
SHA1

33ab963ad44a5dbee90678a29e3412ca1c03d10f
SHA256

0ab079f651261d0ac4f41ae34ddcd3e45393aadcab9090e1f9b7e6612e5de20f
SHA512

906ce10ca94a346af8f5ecd65fad0ed9f6367c2ca2b6fd57b346b01850dfd108dd92b3b78d43ebdd571bc2591610735a100c716d81fcd0b3a17cb2a222b0bc26
SSDEEP

3072:fj0n9Bew80IZh7ZXlMw7zGkTl1+X9IDsZEoBJoaKYQDQqukdZek67nmgaqJT:LiBdMHZXlMw7zl7+X9IDsWoBmlYQG2E9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
542b6a287b737256f09d7713dccbb6b5_JaffaCakes118

Files

542b6a287b737256f09d7713dccbb6b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f707f86e4df19731002fa62c316d1def

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
SetUnhandledExceptionFilter
GetModuleFileNameW
ExitProcess
GetStdHandle
FindClose
InterlockedDecrement
FreeLibrary
HeapReAlloc
VirtualAlloc
GetCurrentDirectoryW
VirtualProtect
SleepEx
CreateFileMappingW
CreateFileW
GlobalFree
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
DeleteCriticalSection

msvcrt

memset
_CxxThrowException
??1type_info@@UAE@XZ
_initterm

version

GetFileVersionInfoA

user32

RegisterClipboardFormatW
LoadIconW
IsChild
GetActiveWindow

advapi32

RegOpenKeyExA

ole32

CoUninitialize

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ