0f70990434c40676a863288ca55527b0_JaffaCakes118 | Triage

Sharing

General

Target

0f70990434c40676a863288ca55527b0_JaffaCakes118
Size

173KB
MD5

0f70990434c40676a863288ca55527b0
SHA1

ef632f19d079fcb753cca2f9c0c33be152caf242
SHA256

0637e2407096cc733cf2ab4f86851c3076dd8bc50f1eed1ab0bfffe70338b0e4
SHA512

fa5e3abb5ca6226e27c80557a3b76e24f6859824eee149e0ffae98fe54bd4f40c19ca13b4583acc1baac9c6fd032e81314225d0aa6b385fa53d5abac63ef9dc0
SSDEEP

3072:IGv4/FyqIEyNlf0WcFwUH9/KC20JgSozsKqkex+Hqrb4qxH6jTOhCDaUaEI:x4/FYOLNHN1NozHHmIK4WdEI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f70990434c40676a863288ca55527b0_JaffaCakes118

Files

0f70990434c40676a863288ca55527b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27fe6af0c1f6c34bb9dfdf018b0f46eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetProcessTimes
ExitThread
GetThreadPriority
GetCurrentThread
FreeLibrary
VirtualAlloc
CloseHandle
GetLastError
GetCurrentProcessId
Sleep
ExitProcess
GetProcessHeap
GetCommandLineA
GetModuleFileNameA
LoadLibraryA
GetPriorityClass
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetTickCount

user32

ReleaseDC
GetWindowDC
GetWindowLongA
GetWindowTextLengthA
GetClassLongA
GetDC
UpdateWindow
OpenIcon
BeginPaint
GetWindowTextA
IsWindowVisible
GetForegroundWindow
ShowWindow
GetActiveWindow
GetSystemMetrics
GetFocus
CreateWindowExA
RegisterClassA
GetWindow

advapi32

GetUserNameA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
IsTextUnicode

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE