87f5129f51b5e70423afd9252c481919_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87f5129f51b5e70423afd9252c481919_JaffaCakes118
Size

312KB
MD5

87f5129f51b5e70423afd9252c481919
SHA1

6b5e7b0b269fa2fd7e13789a68fc09f09616ce20
SHA256

d5910500e47957f7f3e07296bbd8561ea509b5f0e2cd47a7c616ff862f684618
SHA512

504be1892a7142c20f299a6c992e068f687af7fcb6125b0df9cc8ff4a7b5cab4f15599ec3005e2ebd94a9fe3026d34bed72cb2e76152cf9f0adcf23257efe08b
SSDEEP

6144:JG2kb+Kdt6TGT3kVrKHXRuq/ce2xFaZ8E40xugx+bPeM40SGxS3:iEyT0VrKMgDoC8E4+ug0bvvNxu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87f5129f51b5e70423afd9252c481919_JaffaCakes118

Files

87f5129f51b5e70423afd9252c481919_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76628ff625615460d7ab234ed11e6f13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
VirtualAlloc
GlobalFlags
LocalHandle
GetProfileIntA
ExitProcess
CreateMailslotA
GetModuleHandleA
EnterCriticalSection
GetVolumePathNameA
GetProfileStringA
FindAtomA
GetUserDefaultLangID
GetOEMCP
CloseHandle
EnumDateFormatsA
GetStdHandle
GlobalLock
GlobalFree
GetTapeStatus
CreateJobSet

user32

GetActiveWindow
RegisterClassA
GetClassNameA
IsIconic
GetParent
GetFocus
ReleaseDC
DrawEdge
GetWindow
GetForegroundWindow
GetDC
GetWindowTextLengthA
BeginPaint
GetClassInfoExA
EndPaint
CloseWindow
ValidateRect
ShowWindow
GetWindowTextA

gdi32

ExtCreatePen
GetCharWidthA
CreateDIBitmap
CreateDCA
GetColorSpace

userenv

GetGPOListA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ