f1ac2e96318ac378e1428bbc5de8e58f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1ac2e96318ac378e1428bbc5de8e58f_JaffaCakes118
Size

94KB
MD5

f1ac2e96318ac378e1428bbc5de8e58f
SHA1

1005fe77ebd6c0049150ed697d2f9c08347d31e7
SHA256

dc9ecdaa7520cf6522c438ba8aab3088aecf5c4e41dbca2bdfdc15d66a2f6186
SHA512

86ba67505c5406133fdd9c6d9e75093272c09b63e40b6419902df4ce3ed83b9864bf67e10071a80ba735ed5ca4aa2fc322dd0aed50f20a5b0096f1aacbce0263
SSDEEP

1536:FcU3Nta8JaEZAe40C0XXzGpYG/0U0J0Tw090yKNVKNPghZCG3v8IAeHS:FcitLJEexXDG/jH+K0MWPAeHS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1ac2e96318ac378e1428bbc5de8e58f_JaffaCakes118

Files

f1ac2e96318ac378e1428bbc5de8e58f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edc90279fada8a34f89489223d90e489

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreA
GetCurrentProcess
GetWindowsDirectoryA
WaitForSingleObject
ReadFile
WriteFile
LocalAlloc
GetVersionExA
GetCurrentDirectoryA
VirtualFree
GetComputerNameA
GetStdHandle
ExitProcess
ResumeThread
VirtualAlloc
GetCurrentThread
DeleteFileA
ExitThread
CreateMutexA
CreateThread
GetSystemDirectoryA
CreateEventA
SetEvent
SuspendThread
GetCurrentProcessId
GetFileSize
CreateFileA
ReleaseMutex
LocalFree
GetCurrentThreadId
SetFilePointer
GetProcessHeap
CloseHandle
ResetEvent

advapi32

GetUserNameA

user32

PostMessageA
ShowWindow
GetWindow
SendMessageA
GetForegroundWindow
GetActiveWindow
wsprintfA
CreateDialogParamA
GetClassInfoExA
GetSystemMetrics
FindWindowA

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ