432a9d39479b0efabe3aa8ea51e7535c_JaffaCakes118 | Triage

Sharing

General

Target

432a9d39479b0efabe3aa8ea51e7535c_JaffaCakes118
Size

40KB
MD5

432a9d39479b0efabe3aa8ea51e7535c
SHA1

c2b2bea2eed74d1271d169b8c864d8c6fba75cb1
SHA256

04d380bb0391d681d8eac2bf7227682c3202d2edd5b30d5ed77671c66cd2026d
SHA512

5d9975dff90f811e90474949e0bd810c95ce7ba2a60ea6744faf4e96cd2ec07dc9f790542551d957ecb44d5190f23698360713b05682b08bdb8bd14f4450cf48
SSDEEP

768:lQylpAcKDaGEKLKo/OVBRZakpNWSZN8XgFk/WjmohH:lQGp2+hK1MEsNQgFkkmot

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
432a9d39479b0efabe3aa8ea51e7535c_JaffaCakes118

Files

432a9d39479b0efabe3aa8ea51e7535c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

545af15fb7c53de8ba777ac8c0556dc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAdjustment
GetVersion
QueryPerformanceFrequency
GetVersionExA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetSystemInfo
GetTickCount
AreFileApisANSI
lstrcpyA
GetProcAddress
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
GetProcessHeap
GetCurrentProcessId
GetEnvironmentStrings
GetLogicalDriveStringsA
LoadLibraryA
GetModuleHandleA
GetCurrentThread
GetCurrentThreadId
GetStartupInfoA
GetCommandLineA
IsBadCodePtr
GetLogicalDrives
GetComputerNameA
GetConsoleCP
GetConsoleOutputCP
GetSystemDirectoryA
IsBadReadPtr
IsBadWritePtr
GetDiskFreeSpaceExA
GetVolumeInformationA
ExitProcess
GetConsoleTitleA

user32

GetActiveWindow
GetFocus
GetKBCodePage
GetCapture
GetDesktopWindow
GetSysColor

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE