88b6f43d19c4ab625ac90705f8465dea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88b6f43d19c4ab625ac90705f8465dea_JaffaCakes118
Size

274KB
MD5

88b6f43d19c4ab625ac90705f8465dea
SHA1

d7bad9f887a5fb01ad0c53969ceb244978540342
SHA256

9820f66a7c7fb55e29cff9d9eaff8729008a7a73af1fa070034602eb2ee0abe5
SHA512

3f4d59b8be809a275cc8d136d9ad610f4616a2118d48326e406402859f2f4b74227c623039959df2ae654bfa7be96fa9ffe11d78708faeef015f9291274fdfb2
SSDEEP

6144:fOXHjn3SOI3x2nuLHWVVHBXDHC4RQkSX4M1WKM7Fjy4Ufs+a:faT3SOiRsfXRQnXb4DRjy4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88b6f43d19c4ab625ac90705f8465dea_JaffaCakes118

Files

88b6f43d19c4ab625ac90705f8465dea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99eeea20d301a0ebc238875b9b6d76ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GlobalAddAtomW
GetCommandLineW
FindFirstFileA
EnumResourceLanguagesW
GetModuleHandleW
FindNextFileA
HeapAlloc
FindFirstFileW
CloseHandle
EnumResourceNamesW
GetProcAddress
EnumResourceNamesA
SetLastError
FindResourceExW
LockResource
GlobalFree
LoadLibraryA
RaiseException
EnumResourceTypesW
LocalFree
GetLastError
FormatMessageW
LoadResource
MultiByteToWideChar
GetDateFormatW
GetCurrentDirectoryW
SizeofResource
InterlockedExchange
HeapFree
Sleep

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

LoadStringA
SetTimer
MessageBoxA
IsWindowVisible
CharUpperA
PostThreadMessageA
KillTimer
GetWindowThreadProcessId
wsprintfW
EnumWindows
PeekMessageA
CharNextA
GetMessageA
GetWindowTextA
DispatchMessageA
wsprintfA

Sections

.text
Size: 137KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ