a4c0ea6c00962c31f6a74f6215d466de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4c0ea6c00962c31f6a74f6215d466de_JaffaCakes118
Size

304KB
MD5

a4c0ea6c00962c31f6a74f6215d466de
SHA1

bc7cd1568851c269f77ce2dd298e367775cb9e15
SHA256

c7b2b2548951921b8e6e6664ed89207421d2d1942989e6ba02ea9fe41312acec
SHA512

54df231c899914efecb3696d1b7c70b8d5f7db2ddc8fd3b8eb060d8fd2c4b00f0fc8da3ea2cdb6e580a39cd1331ea988ea688f380b08babc76643d0c06d26e4e
SSDEEP

6144:6SugmYsN5p4aHbIoC1ciQ4sPmM6ZNcLSbsUO51s5Ism9tOwoD4:6b9FNbRkc42j6fcGbosGsm9tO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4c0ea6c00962c31f6a74f6215d466de_JaffaCakes118

Files

a4c0ea6c00962c31f6a74f6215d466de_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62b6dcddeee20fea16173130e0d86e7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesW
LocalFlags
HeapFree
GetCurrentProcess
GetVersionExA
FindClose
GetModuleHandleA
DeviceIoControl
VirtualProtectEx
TlsGetValue
GetCurrentThread
GlobalLock
GetPrivateProfileSectionA
CreateEventA
CreateDirectoryW
GetFileAttributesW
SetCommBreak
SetLastError
GetStringTypeA
GetLocaleInfoW
RemoveDirectoryW

user32

SetCursorPos
SetFocus
LoadCursorA
DefDlgProcA
IsWindow
wsprintfW
PostMessageW
DispatchMessageA
SetCursor
GetWindowTextW
PeekMessageW
IsDialogMessageA
GetWindowLongW

msorcl32

SQLCancel
SQLConnect
SQLDisconnect
SQLError

ntshrui

IsPathSharedA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE