288ecb0a0f63865ad7a1af870d0b0b64_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

288ecb0a0f63865ad7a1af870d0b0b64_JaffaCakes118
Size

270KB
MD5

288ecb0a0f63865ad7a1af870d0b0b64
SHA1

9c8b38f212ab080c37278c3cf24374f6905f1169
SHA256

9e17985ca1619b4e2a4bf4b3dfba506b4ffe4a13cca7c346c38b78cf471ae5f5
SHA512

586c8e2b24bd9abf028ce74996ab68631e7158ece17887c522c4d73554ea2bded405a57133659095c0b001fef14548bd26af6ee53730fced19c0426e00a418fe
SSDEEP

6144:ye/d6MQSsEkshGE+seGCsAjtsmDoTcejx8V5cTaILj8TwU:LH1sfs5+fG/AjtsmEL+mTa9wU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
288ecb0a0f63865ad7a1af870d0b0b64_JaffaCakes118

Files

288ecb0a0f63865ad7a1af870d0b0b64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2eb5ecac487cd485015aea8af3f62ec0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
TerminateProcess
LoadLibraryA
GetLocaleInfoA
GetProcessHeap
UnhandledExceptionFilter
LeaveCriticalSection
MultiByteToWideChar
GetModuleHandleA
VirtualProtect
SetUnhandledExceptionFilter
HeapAlloc
DisableThreadLibraryCalls
EnterCriticalSection
GetStartupInfoA

user32

wsprintfA
LoadStringA
CreateWindowExA
IsWindowVisible
DestroyWindow
SetWindowLongA
GetWindowLongA
SetWindowPos
SetParent
ShowWindow

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey

ole32

CLSIDFromProgID
CoTaskMemFree
CoCreateInstance

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
__CxxFrameHandler
time
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
wcslen
_wcsicmp
_exit
_XcptFilter

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ