4c089816dbbdc428f2d06fb4e6d2d5f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c089816dbbdc428f2d06fb4e6d2d5f5_JaffaCakes118
Size

198KB
MD5

4c089816dbbdc428f2d06fb4e6d2d5f5
SHA1

d00811df12c4a9caf8ad8645473fdc543bb7babc
SHA256

a3d3423e5ca41e47c6ab92d1079ecc3d770ce2b31331e4f8dad71d7d1dcf40ee
SHA512

1f1e6a42bc7558d4fa12f2a0f14f9f3998a74580e280052bff0f7273d0f8a085f086a4a6d5cb563b0a5b38594288eea6e48dde8542236129e2cacde93183ab47
SSDEEP

3072:RmRRmQ65fMJMXNy/5iUIVPba7qhCxEK+Kw6O7U5nq2y:RmRkpNwbsT+gQEKzwr7UZP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c089816dbbdc428f2d06fb4e6d2d5f5_JaffaCakes118

Files

4c089816dbbdc428f2d06fb4e6d2d5f5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

84bd3c9dc2708641f616a41ec8439547

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDesktopWindow
CharNextA
GetDC

kernel32

GetUserDefaultLangID
GetThreadLocale
QueryPerformanceCounter
GetCurrentThread
SetLastError
DeleteFileA
GetCommandLineW
Sleep
CopyFileA
GetCurrentProcessId
lstrcmpiA
GetCurrentThreadId
GetVersion
MulDiv
GetProcessHeap
GetTickCount
GetConsoleOutputCP
DeleteFileW
GlobalFindAtomA
GetWindowsDirectoryA
GetModuleHandleW
GetOEMCP
GetDriveTypeA
GetACP
RemoveDirectoryA
IsDebuggerPresent
lstrcmpiW
lstrlenA
GlobalFindAtomW
GetModuleHandleA
GetStartupInfoA
GetCurrentProcess
GetLastError
lstrlenW
lstrcmpA
GetCommandLineA
LoadLibraryW
SetCurrentDirectoryA
VirtualAlloc

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ