1937c9bb9f33cf3a4a0217d50f87acb3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1937c9bb9f33cf3a4a0217d50f87acb3_JaffaCakes118
Size

97KB
MD5

1937c9bb9f33cf3a4a0217d50f87acb3
SHA1

8b516e588a27b24357d84559c9f4be3b9d7a2c9a
SHA256

d5deac3f460e7c493a9ebbb5d7f9e7c8101ff9adfcdd62ee9435d4678616c14d
SHA512

a27cb06b53a26b7d77b62b09f81b502c59d531500f46d7134fef2b4ef59ea0d4c93f56632cc948bfb990a7fa0d71a0e84e1661a47a6f0a8005b1caeed55d369c
SSDEEP

1536:nCQRXgBMYrjI0eP7rO3ICEGutccsJebmrlrCK3JlH7YA3dRF8d6S86zE:nvXWMWfeu3fjG4ebUrFdN38sS86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1937c9bb9f33cf3a4a0217d50f87acb3_JaffaCakes118

Files

1937c9bb9f33cf3a4a0217d50f87acb3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a745140b424e7446b0a47f058ff1526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetDesktopWindow
CharNextA
GetSystemMetrics

kernel32

lstrlenW
GlobalFindAtomW
GetUserDefaultLangID
GetTickCount
GetStartupInfoA
GetOEMCP
GetACP
RemoveDirectoryA
GetProcessHeap
GetModuleHandleA
QueryPerformanceCounter
GetConsoleOutputCP
GetCommandLineW
GetDriveTypeA
GetCurrentThreadId
DeleteFileW
GetVersion
GetCommandLineA
MulDiv
VirtualAlloc
LoadLibraryW
SetLastError
lstrcmpA
DeleteFileA
GetCurrentThread
GetCurrentProcess
GetWindowsDirectoryA
lstrcmpiA
GlobalFindAtomA
GetCurrentProcessId
GetModuleHandleW
Sleep
GetThreadLocale
IsDebuggerPresent
SetCurrentDirectoryA
lstrlenA
CopyFileA
GetLastError

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ