93ad51e981ec780c160976f39ddfdb09_JaffaCakes118 | Triage

Sharing

General

Target

93ad51e981ec780c160976f39ddfdb09_JaffaCakes118
Size

316KB
MD5

93ad51e981ec780c160976f39ddfdb09
SHA1

b7715896f82680740ff79ad6e14c6595bd06412c
SHA256

0f0bc195b7cff4eb9cac920045750229125f0ca23bf2723ac1c65b126c64b87f
SHA512

9783ed1a7d2ffca2083783faa1776ddab1c4b30f1b6dd7646c25b676894f4167c6d7863b3099e8364efc517a55d9ce0efca55eef883bdc4eab7ba30d25f7e38b
SSDEEP

6144:xhgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:xhgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93ad51e981ec780c160976f39ddfdb09_JaffaCakes118

Files

93ad51e981ec780c160976f39ddfdb09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5781d3ae94ac9e4b83a95472cebc9209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExpandedNameA
GetStdHandle
InterlockedExchange
IsDebuggerPresent
GetTimeFormatA
GetCurrentThread
HeapCreate
HeapDestroy
FormatMessageA
LoadLibraryA
GetModuleHandleA
DeleteAtom
GetEnvironmentStringsA
OpenSemaphoreA
FlushFileBuffers
WriteConsoleA
GetCurrentProcessId
VirtualProtect
GetCurrentProcess
GetACP
GetThreadPriority

user32

GetWindow
wsprintfA
FillRect
GetWindowTextLengthA
ReleaseDC
EndPaint
ShowWindow
GetFocus
GetParent
SetForegroundWindow
SetActiveWindow
GetClassNameA
DrawTextA
GetDlgItem
BeginPaint
GetCursorPos
IsIconic
ValidateRgn
FrameRect

linkinfo

GetCanonicalPathInfoA
IsValidLinkInfo
GetLinkInfoData
DestroyLinkInfo
ResolveLinkInfoA

version

GetFileVersionInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ