f64b632e4bcd6d676a51a438462a9015_JaffaCakes118 | Triage

Sharing

General

Target

f64b632e4bcd6d676a51a438462a9015_JaffaCakes118
Size

174KB
MD5

f64b632e4bcd6d676a51a438462a9015
SHA1

3eee3e84f47c6582505e7591d72cc6574ca2304c
SHA256

8df01200ef92c91bd5465002baff0c9e45ae5e233da201b436e86ba9bbf07126
SHA512

6b39d90cb5ae893966f949199bcfa5dcfbfa8e9dcf915bcf1978ae18354c8bfb4aa8d29f082762a4c777c55b188273943bcff319e52d412d8d65567ff292c5f7
SSDEEP

3072:ZVspm8VFP37ODudlEZCQOtBYwJHqB/f4EHZSIwn05ZkPpw5wMDfKsSf:ZKjkuJQO1J03tdrPwMzbSf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f64b632e4bcd6d676a51a438462a9015_JaffaCakes118

Files

f64b632e4bcd6d676a51a438462a9015_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa785b65bba244ed37bca3256922b5e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetNextVDMCommand
SystemTimeToFileTime
SetEnvironmentVariableW
CompareStringA
GetShortPathNameW
SetThreadPriority
GetStringTypeW
SetErrorMode
SetCurrentDirectoryW
FindClose
FindFirstFileW
EnumResourceNamesW
FreeLibrary
LoadResource
GetLocalTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
RegisterWaitForSingleObject
FindResourceW
FileTimeToSystemTime
FindNextFileW
SearchPathW

user32

ReleaseCapture
SetCapture
RealGetWindowClassA
GetCapture
InvalidateRgn
ValidateRect
ValidateRgn
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ