942684315ed9ebee5cac2cb438b536a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

942684315ed9ebee5cac2cb438b536a4_JaffaCakes118
Size

20KB
MD5

942684315ed9ebee5cac2cb438b536a4
SHA1

b0dc11f29931b529e2efae0c77b856e548119258
SHA256

ad87c2a5616abb23de4aa867c8042ecb4277f8a48682e80351d53fe6779fab2d
SHA512

cf19132c507ddd5e46e3a6e8f505bd695d4e0f33d1831e5ef019659985c6b539573fda39fa79d914fa6264e499548a63b1b4e3073e4e61463ec2090827ebcb4f
SSDEEP

384:YYYPBKFTFZGw1UM/GbLdotEow8sKLw7HJ8Jg/+u8YFL5:7YPBKxTGw1WPgEo8KU8tu8YFL5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
942684315ed9ebee5cac2cb438b536a4_JaffaCakes118

Files

942684315ed9ebee5cac2cb438b536a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a966590d561bee76c4d6783494dd2ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetModuleHandleA
GetSystemDirectoryA
WaitForSingleObject
SetThreadPriority
CreateThread
TerminateProcess
OpenProcess
CreateEventA
OpenEventA
SizeofResource
OutputDebugStringA
CopyFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
Thread32Next
Thread32First
LoadResource
LockResource
DeleteFileA
WriteFile
Sleep
GetModuleFileNameA
LoadLibraryA
ExitProcess
GetWindowsDirectoryA
CreateFileA
GetFileTime
SetFileTime
GetCurrentProcess
GetCurrentThreadId
CloseHandle

user32

FindWindowA
GetWindow
EnumThreadWindows
GetWindowTextA
GetClassNameA
PostMessageA
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
DestroyIcon
GetThreadDesktop
CloseDesktop
wsprintfA
SendMessageA

gdi32

BitBlt
CancelDC
Chord
Arc
ArcTo
Ellipse
CloseEnhMetaFile

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ