7393a92fa9e754308cf151f2b6f8022f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7393a92fa9e754308cf151f2b6f8022f_JaffaCakes118
Size

242KB
MD5

7393a92fa9e754308cf151f2b6f8022f
SHA1

d32447df181e6672fc9769bdc824cca61decf2e4
SHA256

58b5212828ab171fb428f23357e6a14e4d4527e485d0f90e5a527d25dd1599dc
SHA512

0ff2b96624fa21a9d2556c2645bdfe7a65de4fda05c02d331cd8a98997c41a9a289a68efb13f85b37b95dac1f0b47a504ba7092e329e78f345e1c63637949da1
SSDEEP

6144:CEm3+GoihAffSA2wk7pMOhBdq7IlTkYNk7aEQq4Mfum:C7FoihqffYMOvdq7IIYZEaM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7393a92fa9e754308cf151f2b6f8022f_JaffaCakes118

Files

7393a92fa9e754308cf151f2b6f8022f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

143a036e4ca045a4474b292b142fc7e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
TlsSetValue
GetDriveTypeW
GetCommandLineA
lstrcatA
GetLogicalDrives
GetSystemDefaultLangID
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
IsDBCSLeadByte
TlsFree
FreeLibrary
VirtualAlloc
GetModuleFileNameA
GetACP
TlsGetValue
TlsAlloc
GetModuleHandleW
Sleep
GetCurrentThreadId

user32

GetFocus
BeginPaint
IsIconic
GetDC
GetWindowLongA
GetSystemMetrics
GetWindowTextLengthA
ReleaseDC
UpdateWindow
GetWindow
CreateWindowExA
IsWindowVisible
GetClassLongA
GetWindowTextA
RegisterClassA
ShowWindow
GetWindowDC
GetActiveWindow
GetForegroundWindow

gdi32

GetStockObject
GetObjectA
SetBkMode
SelectObject
SetTextColor
DeleteObject

clbcatq

SetSetupSave
DowngradeAPL
ComPlusMigrate
SetSetupOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ