76dc6c6ae00bca4e89eb90a1736e6127_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76dc6c6ae00bca4e89eb90a1736e6127_JaffaCakes118
Size

320KB
MD5

76dc6c6ae00bca4e89eb90a1736e6127
SHA1

8c050e2260e04da327021a036103c1459cb5c66e
SHA256

8e50ddceba13f1997a0f9ac0aeba6dad3c5a7fd88f5dc1b1ae1266a759ee5861
SHA512

b1b7a9d2218e38b6417f50af270fd13304af01b2b1b34d0c423b7503c32381404c518208331793925975204dfff86a35d80e4e87f29d13b51390f663b61b39e8
SSDEEP

6144:n7rEWiGKO9gIFD7py1d/99GxqI7lWA/LtC6DaRNAk93gBdk4mW3:7rXMOic1sUxXxWKZLwSSgB2W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76dc6c6ae00bca4e89eb90a1736e6127_JaffaCakes118

Files

76dc6c6ae00bca4e89eb90a1736e6127_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4eac89e0b5b8d4f9ccfa94ee2fa8f8b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateIoCompletionPort
HeapCreate
GetACP
GetLogicalDrives
GetProcessVersion
HeapDestroy
GetStdHandle
GetCurrentThread
WaitForSingleObject
LoadLibraryExA
HeapQueryInformation
GetTapeStatus
IsDebuggerPresent
GetEnvironmentStringsA
GlobalMemoryStatus
VirtualProtect
GetCurrentProcessId
InterlockedExchange
GetProcessHeap
GetModuleHandleA
GetTimeFormatA

user32

GetClassNameA
ReleaseDC
BeginPaint
ShowWindow
wsprintfA
FrameRect
DragDetect
GetTitleBarInfo
EndPaint
GetWindowTextLengthA
GetCursorPos
GetFocus
GetParent
FillRect
GetDlgItem
SetActiveWindow
SetForegroundWindow
DrawTextA
GetWindow

advapi32

RegCreateKeyA
RegSetValueExA
RegEnumKeyA
RegCloseKey
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ