18b9de2567b71d96291dc72b856c3ece_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18b9de2567b71d96291dc72b856c3ece_JaffaCakes118
Size

62KB
MD5

18b9de2567b71d96291dc72b856c3ece
SHA1

1a0ed3b611faab1cfbd510e63d428d5bd831bbb2
SHA256

6ec064688ab8447dbb9bbc5b22cbff36681eb9f68f72df154a20ee711bb62c38
SHA512

62a4d6d224b36a0201e44d206ba0cb0bb1a0f8815bf8ed11d419918072616f56c07df88c294621441eb684b333cc15e1a9fffbb731f9b1d726ea14b357749b3e
SSDEEP

1536:DZC23jXOTX2JEbYIoj4yAh0aLop4rT+pWTX0GXvbbltfEwx6M:DZIOYsAh0off+pWZrxV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18b9de2567b71d96291dc72b856c3ece_JaffaCakes118

Files

18b9de2567b71d96291dc72b856c3ece_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7b9fe55862f4c7332fb2b16f0fb4f770

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetSystemTime
lstrcpyA
GetTickCount
FindAtomA
GetVersion
CloseHandle
WriteFile
CreateFileA
GetLastError
GetLocalTime
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetTempPathA
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

user32

GetFocus
InflateRect
GetWindowRect
GetCaretPos
EqualRect
ClientToScreen
GetCursorPos
IsWindowVisible
wsprintfA

shlwapi

SHGetValueA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE