379be808dabffb46fce0cbf80ae0673f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

379be808dabffb46fce0cbf80ae0673f_JaffaCakes118
Size

242KB
MD5

379be808dabffb46fce0cbf80ae0673f
SHA1

330523f77571014d682229dcd653a45dc8683791
SHA256

c3e0653675f67f7ab7f6dd9dffbdfd3b75d29121786327599a957f5edec69465
SHA512

1c08ecac3f256e769bd7e1ee9f058bc2325f6a370ffa5768af10a2a6c2c3ec125072a1afeef1730295fe00f47d9a997ec87a472cfb11f85b24af3d411617e6a8
SSDEEP

6144:vOm3+GoihAffSA2wk7pMOhBdq7IlTkYNk7aEQq4Mfum:v1FoihqffYMOvdq7IIYZEaM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379be808dabffb46fce0cbf80ae0673f_JaffaCakes118

Files

379be808dabffb46fce0cbf80ae0673f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f25b8753a68f8de7dc3ff0da0016a2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
GetModuleHandleW
GetACP
TlsFree
lstrcatA
GetModuleFileNameA
TlsGetValue
GetLogicalDrives
GetCurrentThread
TlsSetValue
GetCurrentThreadId
TlsAlloc
GetCurrentProcessId
GetCurrentProcess
GetDriveTypeW
GetCommandLineA
VirtualAlloc
FreeLibrary
lstrcmpA
Sleep
GetSystemDefaultLangID

user32

ShowWindow
CreateWindowExA
IsIconic
GetFocus
GetDC
GetSystemMetrics
GetWindowLongA
UpdateWindow
BeginPaint
GetWindowTextA
IsWindowVisible
GetActiveWindow
GetWindow
ReleaseDC
RegisterClassA
GetWindowTextLengthA
GetClassLongA
GetWindowDC
GetForegroundWindow

advapi32

RegCreateKeyExA
IsTextUnicode
RegQueryValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

clbcatq

SetSetupSave
ComPlusMigrate
DowngradeAPL
SetSetupOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ