07ca563d3a6c64a4c437cf480c8e339b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ca563d3a6c64a4c437cf480c8e339b_JaffaCakes118
Size

58KB
MD5

07ca563d3a6c64a4c437cf480c8e339b
SHA1

fb07c1915ba142c6eabde5aeb18c1ce52181023f
SHA256

1fbeb56ad7ef390a3e8a0f2ff99075c591de98c6ad003e3981d5a155e6054870
SHA512

9315c85780d770b7f6b2ca9d76f908ac4c7a77c8b5a247551de6e482460394d6e914053f43c94e66027c56e86cd04bee4e014c7ea53626dd081ffa24ed2d9600
SSDEEP

1536:4SvWhHt/n5YJGXxR6rFP6vGyQAOdlS/9zzbZMrJC+8Wq3Zx1:4gWj/n5WGX36rFKGyfGCJMrJp43

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ca563d3a6c64a4c437cf480c8e339b_JaffaCakes118

Files

07ca563d3a6c64a4c437cf480c8e339b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

91053939478e28db9dff29e1e944ef36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
LoadLibraryA
CloseHandle
ExitProcess
SetUnhandledExceptionFilter
CreateFileA
LCMapStringA
GetCommandLineA
SetErrorMode
VirtualAlloc
FindClose
GetDateFormatW
GetCurrentProcess
DeleteCriticalSection
GetProcAddress
FreeEnvironmentStringsW
GetModuleFileNameA
CreateMutexW
HeapDestroy
CreateThread
SetHandleCount
GetTempPathA
GetStdHandle

user32

GetCursorPos
GetWindowLongA
GetDlgItem
ClientToScreen
DrawEdge
GetDlgCtrlID
GetPropW
GetWindowLongW
LoadCursorA
wsprintfA
LoadBitmapA

advapi32

FreeSid
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW

msvcrt

__p__commode
_adjust_fdiv
_amsg_exit
fflush

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ