1a75cf5a7162324df41bd142d759dbcc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a75cf5a7162324df41bd142d759dbcc_JaffaCakes118
Size

242KB
MD5

1a75cf5a7162324df41bd142d759dbcc
SHA1

fb3f6a1251a1af01d0ace12acbef268b911e909b
SHA256

c1627b5396c1669bc201193d7a1b8a0cc2c70c669d527e2bc4140db16fe64eff
SHA512

f70786e1ed894f0204359819130270cc6352bc99844dd3b435882f0e62083f976cd5fc5d1e2a26e858458ff755cd6a83aaba5493aee9edd1ed508a131bf2af8e
SSDEEP

6144:C8nunPuGRppmMxomdvtf17FLYnzOy0FHChI7+l:C8ipQM/dvtxOnCLChI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a75cf5a7162324df41bd142d759dbcc_JaffaCakes118

Files

1a75cf5a7162324df41bd142d759dbcc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

427663dca9cb2e0462023c9391fac340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetModuleFileNameA
VirtualAlloc
GetACP
GetCurrentThreadId
GetCurrentThread
GetLogicalDrives
IsDBCSLeadByte
FreeLibrary
TlsFree
GetSystemDefaultLCID
TlsAlloc
GetSystemDefaultLangID
TlsSetValue
lstrcatA
GetCurrentProcessId
TlsGetValue
GetDriveTypeW
GetCurrentProcess
GetCommandLineA
lstrcmpA

user32

ShowWindow
GetDC
RegisterClassA
UpdateWindow
GetFocus
GetWindowTextA
GetWindowDC
ReleaseDC
GetForegroundWindow
CreateWindowExA
GetWindow
GetSystemMetrics
GetWindowLongA
GetActiveWindow
IsIconic
GetClassLongA
IsWindowVisible
GetWindowTextLengthA
BeginPaint

gdi32

DeleteObject
SetTextColor
GetStockObject
SelectObject
GetObjectA
SetBkMode

clbcatq

ComPlusMigrate
SetSetupSave
SetSetupOpen
DowngradeAPL

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ