f67b04bc10889c42d99ff31a6dd9009d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f67b04bc10889c42d99ff31a6dd9009d_JaffaCakes118
Size

18KB
MD5

f67b04bc10889c42d99ff31a6dd9009d
SHA1

de866603c70540448ccc94cfda548b7a8ef9265f
SHA256

728c8bbb06531d6b1a9fc82bbe5075e81c5432977297eb54acc5267092db135b
SHA512

37755bf6c5da2effad42d771fbae8256839a1553c4b99f5073d367fb850ce7fac4aa822a825f62ec229501723c2676e39f04c1f85a0b49248b69719d83633ce9
SSDEEP

192:JXN1fqdOWYNA0Kjz3H5NZuqkEeKUpth9h1egYMAAtAWrCeHtzhx:JOdOWYidz3fwqkrDpX1e+A4LrCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f67b04bc10889c42d99ff31a6dd9009d_JaffaCakes118

Files

f67b04bc10889c42d99ff31a6dd9009d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e3aab4332cf2d0d502e716cbb82b115

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetCurrentThreadId
TlsGetValue
lstrcatA
GetSystemDefaultLCID
GetLogicalDrives
GetCurrentProcessId
FreeLibrary
GetUserDefaultLCID
GetDriveTypeW
VirtualAlloc
TlsFree
GetCurrentThread
lstrcpyA
TlsSetValue
GetOEMCP
GetCommandLineA
GetModuleFileNameA
IsDBCSLeadByte
CreateProcessInternalA
GetACP

user32

GetWindowTextLengthA
RegisterClassA
GetDC
CloseWindow
GetFocus
ShowWindow
GetWindowTextA
BeginPaint
IsWindowVisible
ReleaseDC
GetWindow
GetForegroundWindow
GetClassInfoExA
UpdateWindow
GetWindowLongA
IsIconic
GetSystemMetrics
GetActiveWindow
GetWindowDC

imagehlp

ImageLoad
CheckSumMappedFile
ImageNtHeader
FindDebugInfoFile
BindImage
FindFileInPath

oleacc

GetStateTextA
DllRegisterServer
LresultFromObject
GetRoleTextA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ