4cc21c315277029ef147341fe713d500_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cc21c315277029ef147341fe713d500_JaffaCakes118
Size

365KB
MD5

4cc21c315277029ef147341fe713d500
SHA1

097d25b060a570d8f1fc3dd2ebcd820f0e7b036c
SHA256

c1327753fcd31eee443ab7bcdf564fda205a67391672bcc2bdb26e1221153515
SHA512

7664440baddb4a8d112a953c6280e8bafcd7ab9a80727aef14a1149a3984765a08d8524225f822b7042d81d1140ab01ab72d2ef0dbb6fdf60b24fffaa6d5fbba
SSDEEP

6144:X+caRMia4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:OcaRMNx4ojf51aTcK0NEQUd0op3QlL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc21c315277029ef147341fe713d500_JaffaCakes118

Files

4cc21c315277029ef147341fe713d500_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fd195d3e7238055e0157cb8a91f01fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
ResumeThread
GetDriveTypeW
ReadFile
GetPrivateProfileStringW
GetConsoleAliasW
CreateMailslotA
GetCurrentProcessId
FindClose
EnterCriticalSection
GetCurrentThreadId
FindAtomW
HeapCreate
GetFileAttributesA
GetModuleFileNameA
LocalFree
EnumCalendarInfoW
SetLastError
GetModuleHandleA
GlobalFree

user32

CallWindowProcW
GetSysColor
GetMenuInfo
SetFocus
IsWindow
GetKeyState
GetClientRect
GetKeyboardType
GetClassInfoA
DispatchMessageA
DispatchMessageA
DrawTextW
GetCursorInfo

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ