4a2b218b0917b6c23a1fb0ad0777a2a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a2b218b0917b6c23a1fb0ad0777a2a0_JaffaCakes118
Size

40KB
MD5

4a2b218b0917b6c23a1fb0ad0777a2a0
SHA1

9ab52f565fd5f5a4b7aaaadfb8ede5d192570a51
SHA256

e062ab04627e7f08cdfba0c681e06064583d180299a9ecae49c2647f6a80be5a
SHA512

0009bfe552c83adb5d92b855cc695c2c96490218367d7119e4fba71610c52b2f6b5421c7f2e56e21b4eff8518d742fa600b5e01db15bb5649f7bbf6541b37ce9
SSDEEP

768:aPGRasytWekyPTYNnRFEQgnhYQW+fRCjhFFY9ygI248tX/XoUo7Qegb:aXPBwzbKiQW+fgjhVgi8NWQN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a2b218b0917b6c23a1fb0ad0777a2a0_JaffaCakes118

Files

4a2b218b0917b6c23a1fb0ad0777a2a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17db30584459669f2211e41d212cb528

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
ExitProcess
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetPriorityClass
GetStartupInfoA
GetSystemTimeAsFileTime
GlobalReAlloc
HeapAlloc
HeapCreate
HeapReAlloc
IsBadStringPtrA
LocalFree
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEndOfFile
SetLastError
SetUnhandledExceptionFilter
TlsAlloc
VirtualFree
WideCharToMultiByte
lstrcmpA
lstrcpyA

msvcrt

__p__commode
__set_app_type
exit
strspn
swscanf
vswprintf
__getmainargs

user32

GetCursorPos
GetWindowTextA
SystemParametersInfoA

winmm

mmioAscend
mmioGetInfo
mmioRenameA
mmioSetBuffer
waveOutGetNumDevs
mmioAdvance

Exports

Exports

GetNumCaptureDevices

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ