38b81ead08afbb296d4659aeee6a266f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38b81ead08afbb296d4659aeee6a266f_JaffaCakes118
Size

46KB
MD5

38b81ead08afbb296d4659aeee6a266f
SHA1

e2014cba80ab949bbb91443cd479bea4fcf7a6a2
SHA256

3020227f1ef65d8b0b20a3172f9d953075f6fbfc4148a8dbc45d7425f38f88f6
SHA512

e0be71f422e5e8d1693843fccbc115e8101a2fbaec404ffe373d5c5daf82d44aa65c892bde1441b662c7440994c44831ea97f0c9ddf7ae88ad252e7c55f7d174
SSDEEP

768:vOVIvVb8wqxMy96bmJj/tdgvO3bj15LyreRhzO43w7Vc4A8EmBDBks:vo+wwcL9fJjTgKj1UahzO43w+4OmBDBk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38b81ead08afbb296d4659aeee6a266f_JaffaCakes118

Files

38b81ead08afbb296d4659aeee6a266f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

272ab8725f96e29c546323264786bbdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetSystemDefaultLangID
GetModuleHandleW
FreeLibrary
GetCurrentThreadId
GetModuleFileNameA
TlsSetValue
GetCurrentProcess
lstrcatA
GetCommandLineA
GetLogicalDrives
TlsGetValue
Sleep
GetACP
TlsFree
VirtualAlloc
IsDBCSLeadByte
lstrcmpA
GetCurrentProcessId
GetDriveTypeW
TlsAlloc

user32

UpdateWindow
GetSystemMetrics
IsWindowVisible
GetFocus
GetActiveWindow
ShowWindow
GetWindowDC
RegisterClassA
GetWindowLongA
IsIconic
GetWindowTextA
CreateWindowExA
GetWindow
ReleaseDC
BeginPaint
GetWindowTextLengthA
GetDC
GetForegroundWindow
GetClassLongA

advapi32

RegCreateKeyExA
IsTextUnicode
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

version

GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ