da7b33ab779fcfb002f7294d4ec200bf_JaffaCakes118 | Triage

Sharing

General

Target

da7b33ab779fcfb002f7294d4ec200bf_JaffaCakes118
Size

180KB
MD5

da7b33ab779fcfb002f7294d4ec200bf
SHA1

00b414bc2b13aec21463efb2b2e9e21b5e3b031b
SHA256

46a06ed5c9e9b8588e0349638a4e79d201e0b63ed40a74b09b808f5c8704c06c
SHA512

625f058a9d7fe5747a43840a001cfc10c23198c59ee1d85ab6c3e44c27e4f3f1cb8bd4d21e967f14ccfaa9a35dffb0179965a90bd2873e88df4a85c8adb9cc6f
SSDEEP

3072:3XY8WSqNtMv7nb3kCtdx40LmBVwrDjCggr2h+2XB/PFY:47NtMv7nb3kGdxnm4OrGHx1Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da7b33ab779fcfb002f7294d4ec200bf_JaffaCakes118

Files

da7b33ab779fcfb002f7294d4ec200bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e95e4b3904bc904c64373465847f0dd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

user32

EnumDisplaySettingsW

clusapi

CloseCluster

kernel32

TerminateProcess
ReplaceFileW
QueryPerformanceCounter
IsDebuggerPresent
Sleep
GetProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
EnumResourceTypesA
GetCurrentThreadId
GetTickCount
ExitProcess
InterlockedExchange
GetStartupInfoW
SetUnhandledExceptionFilter
GetCurrentProcessId
InterlockedCompareExchange
GetCurrentProcess

comctl32

InitCommonControlsEx

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ