Static task: static1
Behavioral task: behavioral1 (Sample: 7715b4a34cb69ed6d5d72ff4893323d3_JaffaCakes118.exe, Resource: win7-20240708-en)
Behavioral task: behavioral2 (Sample: 7715b4a34cb69ed6d5d72ff4893323d3_JaffaCakes118.exe, Resource: win10v2004-20240709-en)
General
Target
7715b4a34cb69ed6d5d72ff4893323d3_JaffaCakes118
Size
79KB
MD5
7715b4a34cb69ed6d5d72ff4893323d3
SHA1
65ee3456b0307d5791594a46130759918f7f26ae
SHA256
b5afcbc2559f76de75359dab4f600bb5f1f6a37e7d47bf657232a66db98ce1e1
SHA512
6eb521903435339106284f112065ac91522ba6b20949a8f635510203ff6aee3e682532acd15cdb4eb637ad3cb5ae1e96311fa19d9efca7e2e137e6bb901775b5
SSDEEP
1536:o7dYVZ27MMiNAKEIWq11RdExcB6wdu/H8MoVWTtXDNdg:oxYVJVfPB6OuEMiW7u
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7715b4a34cb69ed6d5d72ff4893323d3_JaffaCakes118
Files
7715b4a34cb69ed6d5d72ff4893323d3_JaffaCakes118.exe windows:5 windows x86 arch:x86
20c2394e9cc08ca12c63018ccd1f0372
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
FindAtomA
GetTempPathA
lstrcpyA
GetTickCount
lstrlenA
GetLocalTime
GetVersion
CloseHandle
WriteFile
CreateFileA
GetLastError
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
LoadLibraryA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
wsprintfA
InflateRect
GetFocus
IsWindowVisible
EqualRect
GetCaretPos
GetCursorPos
GetWindowRect
ClientToScreen
shlwapi
SHGetValueA
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE