9479fc3bbaaddd9489658242491f24b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9479fc3bbaaddd9489658242491f24b3_JaffaCakes118
Size

4.4MB
MD5

9479fc3bbaaddd9489658242491f24b3
SHA1

6308098bae5eb0d6b62ed7abbe3935079d724c48
SHA256

52625946ba66667bed36fbed4699ff7c62217b9dc3e92e8a9a305efc44c76f4b
SHA512

03abf1b98a1a8a10b66cf07eb243da3c85c233622fc029479d285c935ec12c4f38479ca36b86178f67776eab5b39bca86a6f415a67e3edb864035e75c1193605
SSDEEP

98304:Qj0qbrGZHh1rlgOq67A83z3vC/AUXGoCKe8T:m0yOBoOq67f3z/C/nGM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9479fc3bbaaddd9489658242491f24b3_JaffaCakes118

Files

9479fc3bbaaddd9489658242491f24b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

042eb037c87e77cca27250ed781b7bb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
GetScrollPos
GetActiveWindow
EqualRect
DestroyMenu
PeekMessageA
TrackPopupMenu
LoadIconW
DrawFocusRect

kernel32

GetCurrentProcessId
SetUnhandledExceptionFilter
GetLocaleInfoW
LoadLibraryA
GetEnvironmentVariableW
GetProcAddress
GetCommandLineW
GetCurrentDirectoryW
GetModuleHandleA
HeapAlloc
GetACP
InterlockedExchange
GetSystemInfo
GetLastError
GetCommandLineA
GetStartupInfoA
SetConsoleCP
UnhandledExceptionFilter
VirtualProtect
Sleep
GetCurrentThread
GetModuleHandleW
InterlockedIncrement
GetOEMCP
GetVersion
SetStdHandle
HeapFree
CreateFileA
CloseHandle
GlobalLock
ExitProcess

advapi32

RegSetValueExA
RegCreateKeyExW
RegDeleteKeyW

gdi32

SetBkMode
CreatePalette

ole32

CoUninitialize

msvcrt

memset

version

GetFileVersionInfoW

Sections

.text
Size: 714KB - Virtual size: 713KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE