95e38cc9eeca741b32057f3391d046a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95e38cc9eeca741b32057f3391d046a0_JaffaCakes118
Size

268KB
MD5

95e38cc9eeca741b32057f3391d046a0
SHA1

8ebad35a9ac4b162fbbd22a6e5dce0f196b15d30
SHA256

f23d6ce25d04fa1a966da59001826b8e308fa79cd0ebdabc56dfa3c77ff61b34
SHA512

d7c78eac53cf8cc7a44a4d22caf5da23ec9d60ce5fd9deb28a07210b746a30b5ac79b1ff4dabb0822d1702a8e67defb55b0f300e44e2584a1024721574c6d138
SSDEEP

3072:IXK2sccqDgwpkgCJ473oF6fJGJmMDWuAclkOFSHPVAgLw41f7YzMf14E+k8xXQzN:Fbwp4F0JGEMDWu5kHdAgE4d7+bXV8dv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95e38cc9eeca741b32057f3391d046a0_JaffaCakes118

Files

95e38cc9eeca741b32057f3391d046a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5618f2ea23db37e531f8c2e4006404ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessInternalA
FreeLibrary
lstrcmpA
GetModuleFileNameA
GetDriveTypeW
VirtualAlloc
GetCommandLineA
TlsFree
GetLogicalDrives
GetCurrentProcessId
GetSystemDefaultLCID
GetUserDefaultLangID
GetCurrentThread
GetACP
IsDBCSLeadByte
GetCurrentThreadId
GetOEMCP
GetModuleHandleW
TlsSetValue
lstrcatA
TlsGetValue

user32

UpdateWindow
GetWindowLongA
GetWindow
ShowWindow
IsWindowVisible
GetForegroundWindow
GetWindowTextLengthA
RegisterClassA
GetFocus
GetWindowTextA
CloseWindow
BeginPaint
GetSystemMetrics
ReleaseDC
GetDC
GetWindowDC
IsIconic
GetActiveWindow
GetClassLongA

imagehlp

CheckSumMappedFile
ImageNtHeader
FindDebugInfoFile
FindFileInPath
BindImage
ImageLoad

oleacc

DllGetClassObject
GetStateTextA
GetRoleTextA
LresultFromObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ