95394feffc355274c5a5cbabdddd4bc8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95394feffc355274c5a5cbabdddd4bc8_JaffaCakes118
Size

316KB
MD5

95394feffc355274c5a5cbabdddd4bc8
SHA1

f68b904ec4315249e523882ed2b2fff95e3a9c17
SHA256

0b4c72b7f26684d72c9d23850e515ee333f0c78826b4ce766c1e36358d0e4cfb
SHA512

dd67d5991fe32eb538ab9a061287c550ddbecbe14635281e6e8437b38012681ef00f7962e7906b0e731b27db4373ba0497f8a3a338700b243b889355d894b346
SSDEEP

6144:qhgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:qhgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95394feffc355274c5a5cbabdddd4bc8_JaffaCakes118

Files

95394feffc355274c5a5cbabdddd4bc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3018f079fcbdda4857c480b5f098ee07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
GetACP
LoadLibraryA
FormatMessageA
OpenSemaphoreA
GetStdHandle
GetExpandedNameA
InterlockedExchange
GetCurrentThread
FlushFileBuffers
GetModuleHandleA
GetTimeFormatA
DeleteAtom
HeapCreate
GetCurrentProcessId
VirtualProtect
HeapDestroy
GetCurrentProcess
GetEnvironmentStringsA
GetThreadPriority
IsDebuggerPresent

user32

FrameRect
GetParent
ShowWindow
GetClassNameA
SetForegroundWindow
ReleaseDC
IsIconic
GetCursorPos
DrawTextA
GetWindow
FillRect
BeginPaint
GetWindowTextLengthA
GetFocus
SetActiveWindow
wsprintfA
ValidateRgn
GetDlgItem
EndPaint

linkinfo

IsValidLinkInfo
GetCanonicalPathInfoA
ResolveLinkInfoA
GetLinkInfoData
DestroyLinkInfo

version

GetFileVersionInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ