095192f1193e0fe9352ec25bc3d92ddd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

095192f1193e0fe9352ec25bc3d92ddd_JaffaCakes118
Size

204KB
MD5

095192f1193e0fe9352ec25bc3d92ddd
SHA1

2e34f18fe238ea7f7f9acf6bd5130c86ea8c5802
SHA256

401dc12b57b430f29f03c7c0273774899208da6df5524856cce331a1cbe90f36
SHA512

cb7580bc73cfe32bae5082a3b845aec901183bea8f856986d83d4d16f6566a0fc65f27fe74e65cc8870c823f6ad483c1687f4260f7e15a62e758a590dccf0659
SSDEEP

3072:kVQAxFRPC6bRJy+ickfOMmNn3TA+smZCrxRsGmET05gzspTTrdSZb:NsRNFJypfKN2mArxRsLA0EspvMh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
095192f1193e0fe9352ec25bc3d92ddd_JaffaCakes118

Files

095192f1193e0fe9352ec25bc3d92ddd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54cb3c4fb555f831b7ec222e7499ffbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetSystemMetrics
CharNextA
GetDC

kernel32

GetCurrentThreadId
GetThreadLocale
SetLastError
lstrcmpA
MulDiv
Sleep
lstrcmpiW
GlobalFindAtomW
lstrcmpiA
lstrlenA
DeleteFileW
GetCommandLineA
GetCommandLineW
LoadLibraryW
CopyFileA
GetOEMCP
GetLastError
SetCurrentDirectoryA
GetProcessHeap
GetStartupInfoA
GetCurrentThread
GlobalFindAtomA
lstrlenW
GetConsoleOutputCP
GetModuleHandleA
GetUserDefaultLangID
GetTickCount
DeleteFileA
GetModuleHandleW
RemoveDirectoryA
GetCurrentProcess
GetVersion
QueryPerformanceCounter
GetDriveTypeA
GetACP
GetCurrentProcessId
IsDebuggerPresent
GetWindowsDirectoryA
VirtualAlloc

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ