88071fe780ddadfb01f3e2c552f0d60a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88071fe780ddadfb01f3e2c552f0d60a_JaffaCakes118
Size

15KB
MD5

88071fe780ddadfb01f3e2c552f0d60a
SHA1

e635b2247c6b17bd27358eb4e825e945b630c379
SHA256

4bde64a6c02451d2fa66c7f146180106e81061025704ffb2715cd46a97b68694
SHA512

54f7cdd34c9a68a1d8d952b0e8a74e4f97d33ee5a7ca879f59231dd776c1090dba3a598e99afea205b7796203eed1799a8d0ad65e831c4fdd80f5abaa8fdea04
SSDEEP

192:JukyMVqbam/tekrJaapI4idEbvMWIRYlGgjYyVjOXV8djni:J69tekr0apnaEbvMXsGgjF9OXWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88071fe780ddadfb01f3e2c552f0d60a_JaffaCakes118

Files

88071fe780ddadfb01f3e2c552f0d60a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ba3a7f98878fa679c074fe1c52a093b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
FindCloseChangeNotification
VirtualAlloc
GetProcessTimes
AllocConsole
lstrcpyA
GetOEMCP
lstrcatA
AreFileApisANSI
TlsGetValue
CancelIo
IsDBCSLeadByte
GetCommandLineA
GetCurrentThreadId
GetModuleFileNameA
GetBinaryTypeW
TlsFree
GetUserDefaultLCID
GetModuleHandleW
GetStdHandle
GetThreadLocale

user32

GetActiveWindow
RegisterClassA
InvalidateRect
ReleaseDC
GetWindowLongA
ValidateRect
GetWindow
GetClassInfoExA
ShowWindow
GetFocus
ReleaseDC
IsIconic
IsWindowVisible
GetForegroundWindow
GetWindowTextLengthA
GetWindowTextA
GetSystemMetrics
CloseWindow
GetDC

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerFindFileA
VerLanguageNameA
VerQueryValueA

ntmarta

EventGuidToName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ