10456e5636f83c74b0e974f6cbc6ea34_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10456e5636f83c74b0e974f6cbc6ea34_JaffaCakes118
Size

20KB
MD5

10456e5636f83c74b0e974f6cbc6ea34
SHA1

01c01a26a37c6e27eb5a9e91a319e9ada5fa843e
SHA256

ae45a0496b50dd36237e0927403a20153692a529cbd21edbcd4dce09985e3deb
SHA512

60978f07a68575915387952b445f9cb282e0be37061d5504a3fe189da1224b842315b20b2c439e08291727f4794e1da25ac8ccfc30cc87986b2bbafe415a99e3
SSDEEP

384:jnZY62MUVzx7UTw6AlT+WymHDLyM8nYG8ROph:jnZYnMwzx7UTyiWyTnYGLp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10456e5636f83c74b0e974f6cbc6ea34_JaffaCakes118

Files

10456e5636f83c74b0e974f6cbc6ea34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b88e16ba8fec968f28dabcbd3d1078de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetCurrentProcess
TlsGetValue
GetCurrentProcessId
TlsSetValue
TlsFree
GetModuleHandleA
IsValidCodePage
GetCommandLineA
GetCurrentThreadId
CloseHandle
GetStartupInfoA
FreeLibrary
GetModuleFileNameA
VirtualAlloc
TlsAlloc
GetCurrentThread
GetThreadPriority
Sleep
GetLogicalDrives
GetDriveTypeA

user32

GetWindowDC
ReleaseDC
GetForegroundWindow
IsWindowVisible
CreateWindowExA
GetDC
GetWindow
GetWindowTextLengthA
OpenIcon
GetWindowTextA
UpdateWindow
GetActiveWindow
BeginPaint
GetFocus
ShowWindow
GetWindowLongA
GetClassLongA
RegisterClassA
GetSystemMetrics

advapi32

RegQueryValueExA
RegCloseKey
IsTextUnicode
RegCreateKeyExA
RegOpenKeyExA
GetUserNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ