60123301259b2a013ac4f3f0336abaa3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60123301259b2a013ac4f3f0336abaa3_JaffaCakes118
Size

67KB
MD5

60123301259b2a013ac4f3f0336abaa3
SHA1

09c6b47c801dfa28342737077e940ed0bce5038d
SHA256

f15edc09af67ffa3886edb64e96b177056cc787f6bb0ce172526cb8bb6f2793f
SHA512

5fe3cd1e8a052babd48bafc4981c60b072b8818c60858cb446318d0f5f977ca051a809bf6845d77f1cd62ebd9f1bc1e267134f85da39c0faeef71d59eda38d7f
SSDEEP

1536:eaDEbhQ+I5IEykEa4x9EstcBRcMPu3ue6nVx7lX:eaDEbhCIEykz45cRu3uei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60123301259b2a013ac4f3f0336abaa3_JaffaCakes118

Files

60123301259b2a013ac4f3f0336abaa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5e5fed5ea04841fafb4593d4bbbf28c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
Sleep
GetSystemTimeAsFileTime
SetFileTime
GetFileAttributesA
GetLastError
SystemTimeToFileTime
VirtualProtect
WaitForSingleObject
GetCommandLineA
GetFileAttributesW
GetFileTime
VirtualAlloc
FindResourceW
CreateMutexW
CreateEventW
lstrcmpiW
GetModuleFileNameA
ResetEvent

shlwapi

StrCmpNIW
SHDeleteKeyA
PathCombineW
StrCmpNIA
StrStrW
PathFindFileNameW
wvnsprintfA
PathFileExistsW
PathMatchSpecW

advapi32

RegEnumKeyExA
RegCreateKeyExA
CryptCreateHash
GetUserNameW
CryptReleaseContext
RegQueryValueExA
CryptHashData
CryptDestroyHash
CryptGetHashParam
RegDeleteValueA

user32

LoadCursorA
CharLowerBuffA
SetThreadDesktop
GetClassNameA
GetCursorPos
DrawIcon
GetDlgItemTextA
PeekMessageA
GetIconInfo
OpenDesktopA
GetClipboardData
DispatchMessageA
FindWindowExA
GetForegroundWindow
GetKeyState
ExitWindowsEx
OpenWindowStationA
GetWindowLongA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE