760358f16c2e5497cd51dfd44a86456c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

760358f16c2e5497cd51dfd44a86456c_JaffaCakes118
Size

20KB
MD5

760358f16c2e5497cd51dfd44a86456c
SHA1

c02b6897198795da7e4d8684b9026064feef2f71
SHA256

59ad9b42cca97874a65aa36bdbb6d65f68ff250eb51d83eb21663031ff2b17e8
SHA512

7c2fa9d6204ac995251e3c978a90ae8d56a6e2f1b99f493224c2d7734609caaa973f4c10ed59814829978cca03a25d04fd4fae43457e66568be760fceae65f53
SSDEEP

384:d68ctZRnoyNAwSJGw+f7UTw6AlT+WymHD5rMg/d/:dvcdhNfSbO7UTyiWyUrV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760358f16c2e5497cd51dfd44a86456c_JaffaCakes118

Files

760358f16c2e5497cd51dfd44a86456c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6de782b5bc86d70c13eaa7ca15e7d87d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetModuleHandleA
IsValidCodePage
GetCurrentThread
TlsAlloc
GetThreadPriority
GetCommandLineA
GetCurrentProcessId
GetDriveTypeA
GetModuleFileNameA
GetProcessTimes
FreeLibrary
GetCurrentThreadId
GetCurrentProcess
Sleep
CloseHandle
VirtualAlloc
IsDebuggerPresent
GetLogicalDrives
GetStartupInfoA
LoadLibraryA

user32

CreateWindowExA
GetWindowTextA
BeginPaint
ShowWindow
GetActiveWindow
IsWindowVisible
GetDC
ReleaseDC
GetWindowLongA
GetClassLongA
GetFocus
GetWindow
UpdateWindow
RegisterClassA
GetSystemMetrics
GetForegroundWindow
OpenIcon
GetWindowTextLengthA
GetWindowDC

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
GetUserNameA
IsTextUnicode
RegCloseKey

version

VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ