69a9717844443a972ab13381106e0431_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69a9717844443a972ab13381106e0431_JaffaCakes118
Size

76KB
MD5

69a9717844443a972ab13381106e0431
SHA1

36f5c37dbd1c6802ddcc475db8f79b5f00cea52d
SHA256

956a7183b03f5217edeb67b80cba3a6e9564937fc3ca65701f235a23b74cd66a
SHA512

3b8421f410c776260d3ed8e187a06f048a2dd26061b56a0d7fe3fb664d320a80f2524d1b4aa9edb23b33c6bea56164f8784572c8063e225d889a30899e8d0e7c
SSDEEP

1536:3eT9I5AoS6LHM8PtAqxXAsAOMathV4zEm+BCL2ZR2esn1Z2I:WIOisTqxQsp/Hm+cAWTj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69a9717844443a972ab13381106e0431_JaffaCakes118

Files

69a9717844443a972ab13381106e0431_JaffaCakes118
.exe windows:4 windows x86 arch:x86

231bc57d35aa6e7b7fae9862fd10f131

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetComputerNameA
GetStdHandle
CreateEventA
GetWindowsDirectoryA
GetCurrentProcessId
ExitProcess
GetVersionExA
SleepEx
VirtualAlloc
CreateMutexA
LocalAlloc
LocalFree
GetSystemDirectoryA

advapi32

GetUserNameA

user32

GetForegroundWindow
GetSystemMetrics
GetActiveWindow

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ