Static task: static1
Behavioral task: behavioral1
  Sample: e93c38c107a6bbc06ef10acf04366aca_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: e93c38c107a6bbc06ef10acf04366aca_JaffaCakes118.exe
  Resource: win10v2004-20240226-en
General
Target: e93c38c107a6bbc06ef10acf04366aca_JaffaCakes118
Size: 61KB
MD5: e93c38c107a6bbc06ef10acf04366aca
SHA1: 5649eab95ca67bd709db9f9bf9eb5857617d14b4
SHA256: cb547f21e903e686c56f0e5df567ccc65462e85b3802adce66bc9c081d818a3f
SHA512: aed050ca9e7fa0b957463de4c6d2123a5aca020cf7a45415914863ceb9497b7a16b43c08bd8da89ad3049dffdb968e07951ad1a4a6ea49211149b36871662db2
SSDEEP: 768:iM7O0GTipbBNcJ1wjHQwUPdKAZbyAD4ZVAuEPTeWq6umT/9O3x+DUYh3zXp2F5ke:iDVBwviKAJyAD4ZVAHPTc6uSo82Iot
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e93c38c107a6bbc06ef10acf04366aca_JaffaCakes118
Files
e93c38c107a6bbc06ef10acf04366aca_JaffaCakes118.exe windows:5 windows x86 arch:x86
29e01cc406d9e4e197ef9024435b495e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetTempPathA
GetVersion
lstrcpyA
GetSystemTime
GetTickCount
FindAtomA
CloseHandle
WriteFile
CreateFileA
GetLocalTime
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetLastError
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
EqualRect
GetWindowRect
IsWindowVisible
wsprintfA
GetFocus
GetCaretPos
ClientToScreen
InflateRect
GetCursorPos
shlwapi
SHGetValueA
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE