f18c43ccc5da9ecaae9fac0b88883e9b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f18c43ccc5da9ecaae9fac0b88883e9b_JaffaCakes118
Size

390KB
MD5

f18c43ccc5da9ecaae9fac0b88883e9b
SHA1

b1f02b7f5cbf296e9e41cf5e9100c14118da68ad
SHA256

547ab1a45743ae5e1a554e5f9f281263bbf6e42314cf885ef6f8eeb40ae5084a
SHA512

271d815e85771951eac8791ea17ae4571f8faee15a3400197a18cfc3661703ee651f2fad9c8d5615180aaa67327ab6b255d81cef2f67bfeecfa38ef4d9b13fd6
SSDEEP

12288:+9Un1hr9blFNXXcnHNhoz2v08+0qMWyAkyrycA:kwWJky5yrycA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f18c43ccc5da9ecaae9fac0b88883e9b_JaffaCakes118

Files

f18c43ccc5da9ecaae9fac0b88883e9b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0526ab48453b9b47209be972e348906b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
VirtualQuery
SetSystemTime
CreateProcessW
RtlUnwind
CreatePipe
QueryPerformanceCounter
GetCurrentProcess
GetProcAddress
VirtualAlloc
GetCurrentThreadId
GlobalSize
HeapReAlloc
HeapAlloc
GlobalFlags
VirtualQueryEx
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
DuplicateHandle
WaitCommEvent
WriteProfileStringA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetNamedPipeInfo
CreateMutexA

wininet

InternetCheckConnectionW
FindFirstUrlCacheEntryExW
ReadUrlCacheEntryStream
InternetSetOptionExW
InternetShowSecurityInfoByURL
IsUrlCacheEntryExpiredW
ShowCertificate

comdlg32

GetFileTitleA
ChooseColorW
ChooseFontW
PrintDlgW
GetFileTitleW
PageSetupDlgA
LoadAlterBitmap
FindTextW
PrintDlgA
ReplaceTextA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ