8743fa56a56bbf4a0c9e03430a7ddc4b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8743fa56a56bbf4a0c9e03430a7ddc4b_JaffaCakes118
Size

244KB
MD5

8743fa56a56bbf4a0c9e03430a7ddc4b
SHA1

e5b0d78759ec5e818381e3aaa4373fea9f404493
SHA256

ef522b98106433d491e90dedf4bc5a9665d88a056de0501a754d2f631afd38e6
SHA512

aa43835885af47b7a086d6ac2082e68184ebb136079d26adaad3b9710cb1a5e73e33f3bd33bd38694ab1690c2c2cc74b63d64818c83d673cb721e7947fed7839
SSDEEP

6144:4uUV65Id2L0wHcIwXhv+EhlK7Q5qux9BJiRS:4rV6asQw8ph2EhlPZ9qS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8743fa56a56bbf4a0c9e03430a7ddc4b_JaffaCakes118

Files

8743fa56a56bbf4a0c9e03430a7ddc4b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4daaaa5123b0c937106b4d8158fb129

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
TlsSetValue
IsValidCodePage
FreeLibrary
GetSystemDefaultLangID
TlsFree
GetDriveTypeA
VirtualAlloc
TlsGetValue
GetCurrentThread
CloseHandle
GetCurrentProcessId
GetStartupInfoA
GetCurrentThreadId
GetCommandLineA
TlsAlloc
GetModuleFileNameA
GetModuleHandleA
GetACP
Sleep
GetLogicalDrives

user32

IsWindowVisible
GetWindow
GetClassLongA
GetActiveWindow
ShowWindow
GetWindowDC
GetDC
GetFocus
ReleaseDC
GetWindowTextLengthA
GetForegroundWindow
RegisterClassA
OpenIcon
GetWindowLongA
UpdateWindow
BeginPaint
GetSystemMetrics
GetWindowTextA
CreateWindowExA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameA
IsTextUnicode
RegCloseKey

version

VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ