89ba06bc0fb3b4de9b23941ed0451e70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89ba06bc0fb3b4de9b23941ed0451e70_JaffaCakes118
Size

96KB
MD5

89ba06bc0fb3b4de9b23941ed0451e70
SHA1

9890046c245531e2324846c16f3ca86ca9342fee
SHA256

b3c0a0ff4ae8838b47efeeb10b9844a4c0a5f9c20fb377562ec8b7290d86221a
SHA512

fe47ca5741fe6ade95fb4079d94134982c2136498ea961350f0233fe4cca62e8c17efc4aa88b8386a2d002e922b5aca5a3f619a038512fcf142ae6f29058595a
SSDEEP

1536:3qS4Zz9rTtvg3+GU2o1AgDujAg4WcsE2CC6NhefsKvdVtD/Yvj3lixOo:L4Zzg3JIygDPDPCkhusiZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89ba06bc0fb3b4de9b23941ed0451e70_JaffaCakes118

Files

89ba06bc0fb3b4de9b23941ed0451e70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e88f446dadc7cc5ecd49cc4a2bd19c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
TlsGetValue
lstrcatA
CloseHandle
lstrcpynA
lstrcpyA
GetCurrentProcess
GetACP
GetProcessHeap
Sleep
GetCommandLineA
ExitProcess
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA

user32

SetTimer

gdi32

DeleteObject
CreateCompatibleDC

comdlg32

ChooseFontA

ole32

CoInitialize

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ