93e37b4a97172d347d5a5e1dd445e420_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93e37b4a97172d347d5a5e1dd445e420_JaffaCakes118
Size

310KB
MD5

93e37b4a97172d347d5a5e1dd445e420
SHA1

6f1585e983f34e12b76a7bbd3c7406a5a7ac5268
SHA256

9ef448ab9a50ab2f6fb8aa434227f13514560e9a3bdb7aa2aa6cdbae8d1a36d0
SHA512

66e123fd63fc5b53f3f1fd3e89a34d7c84945db87f278294fd46c4d8f08da2009883b0aaec1dd57aad230d653e1c685810a57c27597fd3273fb5b1f3b0c1e7b3
SSDEEP

6144:PaY5KMTNzzfnZNMcWB4/AYOP4gvgpIyrHbrVZlfJ73dFWylPGFcr8:PxNnTW4/AXPMpzx5lPecY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e37b4a97172d347d5a5e1dd445e420_JaffaCakes118

Files

93e37b4a97172d347d5a5e1dd445e420_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d280d46566df868df8de004e4e6ad1e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCompressedFileSizeA
OpenMutexA
VirtualProtect
GetCurrentProcess
ReadConsoleA
InterlockedExchange
FlushFileBuffers
GetCurrentProcessId
SetEvent
GetCommandLineA
GetSystemDirectoryA
GetCurrentThread
RaiseException
IsDebuggerPresent
FreeEnvironmentStringsA
HeapCreate
GetACP
GetModuleHandleA
GetLocaleInfoA
GetStdHandle
GlobalFree

user32

GetClassNameA
GetCursorPos
wsprintfA
EndPaint
ShowWindow
ReleaseDC
ValidateRgn
GetFocus
GetWindowTextA
GetWindow
FillRect
GetParent
SetForegroundWindow
SetActiveWindow
GetDlgItem
FrameRect
IsIconic
BeginPaint
DrawTextA

linkinfo

GetLinkInfoData
CreateLinkInfoA
IsValidLinkInfo
ResolveLinkInfoA
DestroyLinkInfo

rtutils

LogErrorA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ