394acfeedec6ea6226d8ff285715ee08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

394acfeedec6ea6226d8ff285715ee08_JaffaCakes118
Size

316KB
MD5

394acfeedec6ea6226d8ff285715ee08
SHA1

10bbf80d63391ab319cfa7c44136c0d858939682
SHA256

ac41a3aad356a878c6553403e86ec2a635a0f1fd085777823de68ae58bdd1675
SHA512

c0ec17d6bbadc82450c39e9210e2248a9d5eb5238ec33e120da0f1d43e5619ad5e4f7dd1aa0295fb7fac91a0a0315c5512f804ebd960fa9aa8486186d7516556
SSDEEP

6144:a1WhgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:VhgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
394acfeedec6ea6226d8ff285715ee08_JaffaCakes118

Files

394acfeedec6ea6226d8ff285715ee08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e26c02749d18fed7e3023aefb95cabd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetExpandedNameA
GetCurrentProcess
OpenSemaphoreA
GetACP
FlushFileBuffers
HeapCreate
GetThreadPriority
WriteConsoleA
VirtualProtect
InterlockedExchange
GetModuleHandleA
GetCurrentProcessId
HeapDestroy
LoadLibraryA
GetTimeFormatA
DeleteAtom
IsDebuggerPresent
GetEnvironmentStringsA
GetStdHandle
FormatMessageA

user32

IsIconic
ShowWindow
GetWindowTextLengthA
GetDlgItem
SetForegroundWindow
GetFocus
SetActiveWindow
FillRect
ValidateRgn
wsprintfA
FrameRect
GetCursorPos
DrawTextA
EndPaint
GetParent
ReleaseDC
GetWindow
GetClassNameA
BeginPaint

linkinfo

GetLinkInfoData
DestroyLinkInfo
ResolveLinkInfoA
IsValidLinkInfo
GetCanonicalPathInfoA

version

GetFileVersionInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ