22c6db95096f7fe0c3d1a4c073453bf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22c6db95096f7fe0c3d1a4c073453bf0_JaffaCakes118
Size

42KB
MD5

22c6db95096f7fe0c3d1a4c073453bf0
SHA1

4b97eb5e72ebdba68d18aa0f849dcbe9dec686d6
SHA256

d25e1c88c066231e7b93d62da07bc532718cafa4089ddd2e4b5684646d4f932b
SHA512

ae64308635db01a32632b2507cb1d723e405c2c3f9a2dc5802333963c8aaeb93fdb0a8b0544bc33fb11f2d923454f639eb89d18b7416e63daa6eff03516723c3
SSDEEP

768:T/1DNHU1ljI3TwQ4w7KZt84A5+liuULVVk01yqt1F00ZKwraDgXbsgPgCQBaAmd+:T/rHClMc9Tt84xgT11vGDGb7YtYAmt0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22c6db95096f7fe0c3d1a4c073453bf0_JaffaCakes118

Files

22c6db95096f7fe0c3d1a4c073453bf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e615227b84f6cf3db53fb92e79d113c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegQueryValueExA
RegCreateKeyExA
CryptReleaseContext

kernel32

GetACP
VirtualProtect
MultiByteToWideChar
GetCommandLineA
VirtualFree
GetCurrentProcess
LeaveCriticalSection
CreateProcessW
GetTickCount
LoadLibraryA
GetVersion
GetModuleHandleA
GetFileType
GetCommandLineW
GetLastError
SetStdHandle
SetConsoleCP
GlobalFree
TlsGetValue
TlsSetValue
CompareStringA
ExitProcess
GetStartupInfoA
GetOEMCP
GetCurrentProcessId
GetProcAddress
HeapAlloc
SetUnhandledExceptionFilter
GetCurrentThreadId

user32

GetWindowLongA
UnionRect
SendDlgItemMessageW
EndDialog
LoadImageW
TranslateMessage
GetWindowPlacement
IsIconic

gdi32

SetBkColor

ole32

CoTaskMemFree
CoTestCancel

msvcrt

time
_lock

lz32

LZClose

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE