1a9a7db09740c18c5608b9706f8715fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a9a7db09740c18c5608b9706f8715fe_JaffaCakes118
Size

330KB
MD5

1a9a7db09740c18c5608b9706f8715fe
SHA1

14b08cfb2c6a8444d277ddcb12b8d7c668e0021d
SHA256

5839665a7079e304fbcd722fbc4aeca0c3b93ea024c4bbefc0eac8e55a13adba
SHA512

08c9531ad5ddce801b5374d1c02885b3290e291f2d1c83f7e62ab7c4c0ed6523a8dd2e2f4d36f78c07b20cdbe97044884c43710d60c7dc2b163ce901133697d0
SSDEEP

6144:KgXJKXzL5vOTiIIWPkHHScTXuXY6ZzIqQFM1TAP4ClREfJo4SKb3gxqF7L:KIKNOT5PmDIpZsqNNAP4ClREZNb3Oqd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a9a7db09740c18c5608b9706f8715fe_JaffaCakes118

Files

1a9a7db09740c18c5608b9706f8715fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

48b86e4f8d67c33caaa9904205d2f356

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetConsoleCP
WaitForSingleObject
SuspendThread
SetConsoleCP
GetTickCount
GetCommandLineA
HeapReAlloc
VirtualProtect
InterlockedExchange
GetVersion
CompareFileTime
WaitForMultipleObjects
GetStdHandle
GetAtomNameA
LoadLibraryExA
HeapCreate
GlobalUnlock
CloseHandle
GetModuleHandleA
GetSystemDefaultLangID

user32

FillRect
GetKeyState
GetDlgItem
CreateIcon
IsDialogMessage
GetKeyboardLayout
CopyImage
DragObject
SetPropA
CreateMenu
DispatchMessageA
EnableScrollBar
GetCursorInfo
FindWindowA
DialogBoxParamA
SetScrollInfo
InsertMenuA
InvertRect
SetWindowPos
DestroyMenu
DrawCaption

advapi32

RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegEnumValueA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ