07093e5c76dfd2c67584bd823bd3fe94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07093e5c76dfd2c67584bd823bd3fe94_JaffaCakes118
Size

113KB
MD5

07093e5c76dfd2c67584bd823bd3fe94
SHA1

b586deedde51b03f96bb4e5d515ae8b1aea2f161
SHA256

87d2c96efe0f2a80199c22ecc668f39b9b43a42579fdd4dc63ccc310e442a4e0
SHA512

032513bfc3f0cfed694c1079f004dfce5f9062a7c3cf156809c6c40495d8c23df5d7b5e2e2fef574ba67d4e4808fbcec8defa2a9c58de81237c8d52e2c87edbf
SSDEEP

1536:gl340kEK0JQtGPJUl8t3Wjyg3oBLBNf7iYG2qwOAFt1yF7hb7srbMEEONmYEPEb9:gC22GxUl8aF4ZrU2bYhbIvvhUgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07093e5c76dfd2c67584bd823bd3fe94_JaffaCakes118

Files

07093e5c76dfd2c67584bd823bd3fe94_JaffaCakes118
.exe windows:5 windows x86 arch:x86

954d906634c14429e8f58baafa7c925f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentProcess
QueryPerformanceCounter
lstrcatA
GetLastError
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetCurrentThreadId
CloseHandle
GetTempPathA
lstrcpyA
lstrcmpA
GetCurrentProcessId
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime

user32

ClientToScreen
wsprintfA
GetWindowRect
EqualRect
GetCursorPos

msvcrt

_ismbblead
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_amsg_exit
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
__setusermatherr

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE