820d4283d1adf596d647aa66c431f89a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

820d4283d1adf596d647aa66c431f89a_JaffaCakes118
Size

167KB
MD5

820d4283d1adf596d647aa66c431f89a
SHA1

89404fb7debf31304c9492987fb64fc6ec850a91
SHA256

60cce3ac19768d2da79c0f5f0a2ee073eabc93b702cc1263db96454ff3ce64b6
SHA512

768c0247e4c27f98ec07dc04cb7a55cacb9eb6f904bf5721b59d2998399df2fc546cf753407d27e4de374a1a30d91c40a508ca11243f7fc6e61597f30a155ad7
SSDEEP

3072:QOXbTyNkYhsO1d3NTw8RgA/LqNExmHURwslnInWbUt+w/:vyNrhd1w8RDxmHURJlWWbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
820d4283d1adf596d647aa66c431f89a_JaffaCakes118

Files

820d4283d1adf596d647aa66c431f89a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b79b09a7b039fa2fe138e85167fcaa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CompareStringA
GetShortPathNameW
SetErrorMode
SetEnvironmentVariableW
ConvertFiberToThread
GetSystemDirectoryW
IsBadReadPtr
SetThreadIdealProcessor
LCMapStringW
FileTimeToSystemTime
GetLocalTime
FileTimeToLocalFileTime
FindFirstFileW
FindNextFileW
LocalFree
LocalFileTimeToFileTime
EnumResourceNamesW
RegisterWaitForSingleObject
FindResourceW
SystemTimeToFileTime
FindClose
GetOEMCP
LocalAlloc
GetStringTypeW
GetCurrentProcess
SetCurrentDirectoryW
LoadResource
FreeLibrary
SearchPathW

user32

IsWindow
SetCapture
IsWindowEnabled
ValidateRect
ValidateRgn
FlashWindow
InvalidateRgn
GetCapture
EnableWindow
UpdateWindow
ExcludeUpdateRgn
ReleaseCapture
RealGetWindowClassA
DestroyWindow
GetUpdateRgn

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ