d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118 | Triage

Sharing

General

Target

d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118
Size

164KB
MD5

d4d2ed9af22b504d28a3c71ba44fb931
SHA1

785efcd0d606fa798b991bd9cb3cf945e7193a53
SHA256

a20a0fa81c86275ebbb5aa0d465adc297391172e034ba4c3a9f73b5e34fe0922
SHA512

4d9d82edf3faaf296955fc01717225223f7f10abd9c2566aba2d4e2bcf437548488086019400520ae7d697f7840237f147dd26274e44ffa2bf53176565306e55
SSDEEP

3072:Y1wgtKwbbsgG6ZpBcxoOevxh2mo/uJ3bWhj6f0:Y1HQo9pZfmJuJ3q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118

Files

d4d2ed9af22b504d28a3c71ba44fb931_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a02cf79bcd9d8ee6f3ede0041ec316a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFileW
SetUnhandledExceptionFilter
InterlockedExchange
Sleep
GetCurrentThreadId
IsDebuggerPresent
GetProcessId
TerminateProcess
GetTickCount
EnumResourceTypesA
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime
InterlockedCompareExchange
GetStartupInfoW
UnhandledExceptionFilter
GetCurrentProcess

shell32

ShellExecuteW

clusapi

CloseCluster

user32

EnumDisplaySettingsW

comctl32

InitCommonControlsEx

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ