70bb3a4f9edcc3443b3e095116f2b3d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70bb3a4f9edcc3443b3e095116f2b3d7_JaffaCakes118
Size

263KB
MD5

70bb3a4f9edcc3443b3e095116f2b3d7
SHA1

c96814dc0dce53f12e8dbd4a482e2fcfdb0d72da
SHA256

ed0153405f4b6f27d5d9ee4c2c72c110d66a30afa93b2fcabd0db146f744d576
SHA512

42c844e9d4ee10b01149dd564f733bc090cba62f7f48f167f42b7b74c0baf730011fdeaead83739695bbb74f2f02050d33ecf2f6c5bc998d4eb979a807951748
SSDEEP

3072:RjcDT7XS2GTNPEuVTCwXxBtFZRr4OLMcUp/6mrbO2T0oRORYmsZC/EmgcmFZlbRX:5cX79anDZRr4a7meuUR8Zigf/lbEg66

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70bb3a4f9edcc3443b3e095116f2b3d7_JaffaCakes118

Files

70bb3a4f9edcc3443b3e095116f2b3d7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b77700336ebc7140cc898ff7e063d931

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
VirtualFree
ResumeThread
TerminateProcess
GlobalFree
CreateProcessA
GetThreadContext
VirtualQueryEx
LoadLibraryA
FreeLibrary
GlobalAlloc
VirtualAlloc
ExitProcess
GetTempPathA
lstrcmpA
lstrcatA
GetTempFileNameA
lstrlenA
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject
GetCurrentThreadId
GetLastError
lstrcpyA
OpenProcess
FindAtomA
GetModuleHandleA
GetProcAddress

user32

GetFocus
wsprintfA
IsWindowVisible
GetWindowRect
InflateRect
OpenInputDesktop
GetThreadDesktop
SetThreadDesktop
FindWindowA
GetWindowThreadProcessId
ClientToScreen
CloseDesktop
GetCursorPos
EqualRect

shell32

ShellExecuteA

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA

gdi32

GetBkColor
GetBkMode

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 246KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE