0e27ce48e915471ffdb4602e0c43f228_JaffaCakes118 | Triage

Sharing

General

Target

0e27ce48e915471ffdb4602e0c43f228_JaffaCakes118
Size

173KB
MD5

0e27ce48e915471ffdb4602e0c43f228
SHA1

95e57e6fafa91d3045ad0b511938104b8fd86c1a
SHA256

4a31452a77a9d25fbc65eb179b2d4a1ff0cc5bf3b571cc67a59426f50be8c3d1
SHA512

4aa6a3cd5841d4c8b657d031aeca82a93b9ab0e6309d6ea945429a713c4d5595d86dbd9e16e52a2a7b1687c7a2ecda0d0caa67764a263439ce16fd41ecd906e4
SSDEEP

3072:SmhVFMastf0lR8OJnMzwsWPGQOw5GAUVhIVCXGH9fiyqGMM3NYbg1qGI9LgZQBD:lfVsdgekDlUVhIUXg9V6/bAqEZQBD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e27ce48e915471ffdb4602e0c43f228_JaffaCakes118

Files

0e27ce48e915471ffdb4602e0c43f228_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a982adce5e100548624a5c290e68165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetProcessTimes
CreateThread
LoadLibraryA
GetModuleFileNameA
GetPriorityClass
GetThreadPriority
GetCommandLineA
ExitProcess
GetModuleHandleA
GetCurrentThreadId
Sleep
VirtualAlloc
GetCurrentThread
GetStartupInfoA
GetLastError
GetProcessHeap
GetTickCount
ExitThread

user32

GetDC
RegisterClassA
GetWindowTextA
GetClassLongA
GetSystemMetrics
GetWindowTextLengthA
GetWindowDC
GetForegroundWindow
GetWindow
CreateWindowExA
IsWindowVisible
ShowWindow
BeginPaint
GetFocus
OpenIcon
ReleaseDC
GetActiveWindow
GetWindowLongA
UpdateWindow

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
GetUserNameA
IsTextUnicode
RegQueryValueExA

version

GetFileVersionInfoSizeA
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE