Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_c4464656a3d490b10b3b71b6a2287f65.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: JaffaCakes118_c4464656a3d490b10b3b71b6a2287f65.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_c4464656a3d490b10b3b71b6a2287f65
Size: 204KB
MD5: c4464656a3d490b10b3b71b6a2287f65
SHA1: ce63f750fbca1f74dce30d30f94b28790a644d52
SHA256: adb57815b3d5c3b17f340101ab2397124a45a0450af96b66ecac60e5ef7e704a
SHA512: 4562b8ef946ab317b2ace064fbf2717bd28c4fbcbe7554bfff6f37fd171a4240ec40d90d099a11aff697523c62e42b1d0540ea64244a32f9606776c32b5ecd29
SSDEEP: 6144:67b6ld+AyS0Ugndwef3MYkVvpXQfItsw:67e+rS0Ugdww3nkPQu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_c4464656a3d490b10b3b71b6a2287f65
Files
JaffaCakes118_c4464656a3d490b10b3b71b6a2287f65.exe windows:4 windows x86 arch:x86
0494164b668977272456f417014da08e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
SetProcessWorkingSetSize
GetEnvironmentVariableA
LocalAlloc
GetCurrentProcessId
GetLocaleInfoA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
GetSystemTimeAsFileTime
lstrlenA
GetCurrentProcess
EnumResourceTypesA
WideCharToMultiByte
CreateProcessA
RaiseException
SetHandleCount
GetCurrentThreadId
GetModuleHandleA
TerminateProcess
GetACP
GetTickCount
InterlockedExchange
GetThreadLocale
ole32
GetHGlobalFromILockBytes
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ