70d8faeae7e5fdf53dfa259214a4f0a8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70d8faeae7e5fdf53dfa259214a4f0a8_JaffaCakes118
Size

20KB
MD5

70d8faeae7e5fdf53dfa259214a4f0a8
SHA1

5018936fe5b5133677681aea8c5df3dbb588b26a
SHA256

139cbb71ba0674ee7a08a9aff3b8c4a330d2cb3bdd92e1ca95f9437a8ae39f35
SHA512

aef9fa40ccf5011998e468350473b9f5a2079fe88eede7083b85a29c1e0e4c5a6ce702d2577e6d29bb83067f4a288e46d7acc7f68248c02bedca3328659fb27a
SSDEEP

384:JKcBjwQJXWdocnVz87UTw6AlT+WymHDLyM8nYG8RO:JfBj9WCcVz87UTyiWyTnYGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70d8faeae7e5fdf53dfa259214a4f0a8_JaffaCakes118

Files

70d8faeae7e5fdf53dfa259214a4f0a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c20dfe3ffd026ad1c8f78d2765db29a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCommandLineA
TlsFree
GetModuleFileNameA
GetCurrentProcessId
GetSystemDefaultLangID
GetLogicalDrives
GetThreadPriority
GetCurrentProcess
GetModuleHandleA
CloseHandle
GetDriveTypeA
TlsSetValue
VirtualAlloc
TlsAlloc
TlsGetValue
GetCurrentThreadId
IsValidCodePage
GetCurrentThread
FreeLibrary
GetStartupInfoA

user32

GetSystemMetrics
GetClassLongA
GetDC
ShowWindow
UpdateWindow
CreateWindowExA
RegisterClassA
BeginPaint
GetWindow
ReleaseDC
GetWindowTextA
IsWindowVisible
GetActiveWindow
OpenIcon
GetWindowDC
GetForegroundWindow
GetWindowLongA
GetWindowTextLengthA
GetFocus

advapi32

GetUserNameA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
IsTextUnicode
RegQueryValueExA

version

VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ