5271ba23656e91ed13cee88b34120233_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5271ba23656e91ed13cee88b34120233_JaffaCakes118
Size

344KB
MD5

5271ba23656e91ed13cee88b34120233
SHA1

0255ed9c800dae9e0780fdc5c7948a1a10343911
SHA256

623975534e44e1a834957345a806161e2184623edec64e5faf72014918dd1277
SHA512

15eb74235109896ee59c819973151081b96d27bcd567fbf2d134b8427e5bc5e9adda292f0f5cd591f9fe63740dda73fe6723eb28e083523d3fb016d10ef457ea
SSDEEP

6144:JYIb8S6w0pNFs33F2mBIj8jO0roD8DnmDn/tFCIMm14k2YdLCuDfWxxKFZRtly:JsS5sNFn6Ij7ua8TmD/vEYduuDxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5271ba23656e91ed13cee88b34120233_JaffaCakes118

Files

5271ba23656e91ed13cee88b34120233_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9b3dbc604416e9f3cebfb825f8b9b62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetCurrentThreadId
GetStringTypeW
LoadLibraryA
GetVersionExA
MapViewOfFile
GetSystemTimeAsFileTime
SetErrorMode
WriteFile
SetUnhandledExceptionFilter
SetEvent
SetFilePointer
GetCurrentProcessId
VirtualAlloc
HeapFree
EnterCriticalSection
TerminateProcess
CreateMutexA
GetVersion
GetTickCount
GetLastError
GetModuleHandleA
GetCommandLineA
ExitProcess
HeapAlloc
GetProcessHeap
lstrlenA
GetStartupInfoA

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_strcmpi

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 332KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ