19608396f0904ae9da1be6dce88603c7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19608396f0904ae9da1be6dce88603c7_JaffaCakes118
Size

18KB
MD5

19608396f0904ae9da1be6dce88603c7
SHA1

36325fbc3d5e59bdb8b34752ac96ed5a15920a71
SHA256

92cd48af794533c403717f4515fac97a50e07bc518662bba22d50720ac8e1398
SHA512

f384b3d7a5f3ea8a568b0040d5ac95ffbb046a20df6c02b3ee725e175563725524d993c72b038caaff0a4786f07c6f2c35f07eb674796ee3b8873ea9379403f4
SSDEEP

384:UR6vVFeJ0W7UYJS3wFJwnYyb7JrVlVla0zx:URcq0WAYw3wcFrva09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19608396f0904ae9da1be6dce88603c7_JaffaCakes118

Files

19608396f0904ae9da1be6dce88603c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2d00bdfa78f0b3f165223c23ee59fb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateIoCompletionPort
GetProcessVersion
InterlockedExchange
GetLogicalDrives
IsDebuggerPresent
HeapDestroy
GetProcessHeap
VirtualProtect
GetTimeFormatA
GetModuleHandleA
WaitForSingleObject
GetTapeStatus
HeapCreate
GetACP
GetCurrentProcessId
HeapQueryInformation
GetCurrentThread
GlobalMemoryStatus
GetEnvironmentStringsA
LoadLibraryExA

user32

SetActiveWindow
BeginPaint
DrawTextA
GetFocus
GetTitleBarInfo
GetWindowTextLengthA
ShowWindow
GetCursorPos
GetWindow
FillRect
GetClassNameA
GetParent
DragDetect
GetDlgItem
wsprintfA
EndPaint
ReleaseDC
SetForegroundWindow
FrameRect

advapi32

RegFlushKey
RegCreateKeyA
RegEnumKeyA
RegCloseKey
RegSetValueExA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ