760756dadcc4f284bc33d5bf3f2b370e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

760756dadcc4f284bc33d5bf3f2b370e_JaffaCakes118
Size

14KB
MD5

760756dadcc4f284bc33d5bf3f2b370e
SHA1

1c01d050074cee30258dfaa588962a2190bc2371
SHA256

17627565ea163710739e2d9da16ba183d34b16810debbea6be6a2b2bd4b7fa1f
SHA512

1e136f80f0f609a3b15cbde2463cf280e2484524fd3ed8995cdb9968900ed5787c80e7c709ffca276e89edb3111f812ce9897a55cbe3d40d673271f26caed406
SSDEEP

192:NkUYxqcP0QOTM6bdge66/lF5zkEd2jlbCEzCWc6eU:N1YF0QOQWdgeF/lFFkEd2jluEnp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760756dadcc4f284bc33d5bf3f2b370e_JaffaCakes118

Files

760756dadcc4f284bc33d5bf3f2b370e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3bcec3cc02a0118bcd55196a3f73c74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
FindFirstVolumeMountPointA
GetFileAttributesW
lstrcpyA
GetSystemDefaultLCID
GetOEMCP
GetModuleHandleW
AddAtomA
GetCurrentThreadId
DeleteFileA
SwitchToThread
TlsGetValue
lstrcatA
VirtualAlloc
IsDBCSLeadByte
GetUserDefaultLCID
GetModuleFileNameA
GetCommandLineA
TlsFree
GetThreadLocale
GetDriveTypeA

user32

GetDC
ReleaseDC
ShowWindow
ValidateRect
GetForegroundWindow
GetSystemMetrics
GetWindowLongA
GetWindow
GetWindowTextA
GetClassInfoExA
GetWindowTextLengthA
CloseWindow
IsIconic
InvalidateRect
ReleaseDC
GetFocus
RegisterClassA
IsWindowVisible
GetActiveWindow

psapi

GetWsChanges
GetModuleBaseNameA
GetModuleInformation
EnumPageFilesA
EmptyWorkingSet
GetMappedFileNameA

msasn1

ASN1BERDecCheck
ASN1BERDecBool

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ