62f067ec9ad2085d6600f6f48c2f1b8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62f067ec9ad2085d6600f6f48c2f1b8c_JaffaCakes118
Size

41KB
MD5

62f067ec9ad2085d6600f6f48c2f1b8c
SHA1

ad28d4933cb56a7c2470744e0b39bb11d95934aa
SHA256

aabcbc69d5e8f1c632b9cc8b72a64d0c4178b7af9547dd4fdc3b2af1cdf55aff
SHA512

f2a04c2ffeb094f9128432b63609124ce7252085e8dc52546e2f7383b1996ca7eb87f3a8fc0be7687c32501c1d28037b47bb236d24ab8f15e8a510d690e7086a
SSDEEP

768:BJ+ty3m/aXWs/cOeYpMfFFFrEzZyzXC5rfim2y:yYiateYSLBjGrz2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f067ec9ad2085d6600f6f48c2f1b8c_JaffaCakes118

Files

62f067ec9ad2085d6600f6f48c2f1b8c_JaffaCakes118
.exe windows:0 windows x86 arch:x86

c1219bce944e3c226d4689cee16dec38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetTempFileNameW
GetTempFileNameA
GetACP
GetCommandLineW
GetVolumeInformationA
lstrcpyn
LocalAlloc
GetLongPathNameA
OpenEventW
ExpandEnvironmentStringsA
FatalAppExitA
OpenEventA
MoveFileW
lstrlen
VirtualAlloc
GetCurrentProcessId
CreatePipe
FileTimeToSystemTime
GetStartupInfoW
FlushFileBuffers
LoadLibraryW
HeapCreate
GetVersion
GetFileAttributesA
GetDateFormatW
MoveFileA

user32

IsMenu
PostQuitMessage
RemoveMenu
GetDC
LoadCursorA
GetMenuInfo
RegisterHotKey
GetParent
CharNextW
GetDC

gdi32

DeleteObject
CreateDCA
MoveToEx

advapi32

RegQueryValueA
RegSaveKeyA

comdlg32

PrintDlgExW
ReplaceTextA
GetSaveFileNameA

shell32

SHBrowseForFolderW

ole32

CoCreateInstanceEx
CoGetClassVersion
CoInitializeEx

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ