4a66f63e752aa0bcf07d3df93b5a8ae1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a66f63e752aa0bcf07d3df93b5a8ae1_JaffaCakes118
Size

10KB
MD5

4a66f63e752aa0bcf07d3df93b5a8ae1
SHA1

3a62d9658a86051d7783d277284ab802f2f43bac
SHA256

e36ea188479606d8fedabc8937cfc9b744d62e298b71018358b49bd00bd3564e
SHA512

3e7dcdd08f7f79ce671f92b0e8540c8ba04f0965aada0c12b67db2c8646da6a8cfb51f89618733b03871614324a87df8bc760bc58de264a7dbeede178c061ce6
SSDEEP

192:VIf3RqhjigQM2qOOe8uJqEJzklmPjwE2faxmuoBlLDuWKUiRnZW2G7WA9Aa1abN:uf65eOtuc+zkEP72yzoBlXjapZW2G7WF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a66f63e752aa0bcf07d3df93b5a8ae1_JaffaCakes118

Files

4a66f63e752aa0bcf07d3df93b5a8ae1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f5a079f5f35161ed851d8db9deed62e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetCurrentProcess
lstrcpyA
CreateProcessA
GetStartupInfoA
GetTickCount
GetCurrentProcessId
GetThreadPriority
GetACP
GetCurrentThread
lstrcatA
FreeLibrary
LoadLibraryA
MoveFileExA
WriteFile
CancelIo
GetCurrentThreadId
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
CloseHandle
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
CreateFileA
ExitProcess

user32

SetActiveWindow
GetActiveWindow
GetTopWindow
GetCapture
wsprintfA

gdi32

GetBrushOrgEx
CreateCompatibleBitmap
GetBkMode
CreateCompatibleDC
GetBkColor
CancelDC

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ