Static task: static1
Behavioral task: behavioral1
Sample: 95d0de3bcf853d7dc278fdb8abd855e6_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 95d0de3bcf853d7dc278fdb8abd855e6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 95d0de3bcf853d7dc278fdb8abd855e6_JaffaCakes118
Size: 53KB
MD5: 95d0de3bcf853d7dc278fdb8abd855e6
SHA1: b63d2184aa1ad18e2a0f53cd2f6016b6c4a6b77c
SHA256: da68684871588e609a4b718f6e0e68be9a3e80ac0ea63ef4a4f3db01cc7f91fc
SHA512: 450635745d580864305eec2ff3ece56f7ff316ac6e1e2af375da9fc1a78f3a10c3c7a1fd0d6551b19e7691a35b97f29ef9cca3318605636ebf68e57401c988ed
SSDEEP: 768:QRHPtCQ2tIhRLXwolNoi/V1vd21oNUsWQ8kt3Vvru7apeX9seVZCfcxpkCG2+fsN:QP4Q2tcRtacWiRga8X9se+khGh0kq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 95d0de3bcf853d7dc278fdb8abd855e6_JaffaCakes118
Files
95d0de3bcf853d7dc278fdb8abd855e6_JaffaCakes118.exe windows:5 windows x86 arch:x86
571d564359db1bf8f52ba823c4dafbed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
lstrlenA
GetTempPathA
lstrcpyA
GetLastError
CloseHandle
WriteFile
CreateFileA
lstrcatA
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
FindAtomA
GetVersion
GetTickCount
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
lstrcmpA
GetLocalTime
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
GetWindowRect
ClientToScreen
GetFocus
EqualRect
GetCaretPos
InflateRect
IsWindowVisible
GetCursorPos
wsprintfA
shlwapi
SHGetValueA
Sections
.text Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE