96b01d8a584e87782a2b83f664eab56e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96b01d8a584e87782a2b83f664eab56e_JaffaCakes118
Size

202KB
MD5

96b01d8a584e87782a2b83f664eab56e
SHA1

fdfb02462de7a6b723ec92cfdb559bf966013c47
SHA256

5cba0bbdccee9381f67307b94dc8ed3a6e25996bcbc379ca6452d5cfbc0e1bba
SHA512

9774b3bad070a153480e2331f083f8b550cb724c7002b8b56caf158f0068e414de9ac7688b3e721e1dcd430a2fec2cd473eb18dc2b8a9ea4e8fc2bc1410f799b
SSDEEP

6144:AzXNAuAL3QidimLhYp3wAJU2PBtFITTmnF:AJ+3QchqwkeToF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96b01d8a584e87782a2b83f664eab56e_JaffaCakes118

Files

96b01d8a584e87782a2b83f664eab56e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

148648d25899adc08d7c59a672db5318

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
VirtualFree
ResumeThread
TerminateProcess
GlobalFree
CreateProcessA
GetThreadContext
GetModuleHandleA
VirtualQueryEx
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalAlloc
VirtualAlloc
ExitProcess
GetTempPathA
lstrcmpA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject
FindAtomA
lstrcpyA
lstrcatA
GetCurrentThreadId
lstrlenA
GetLastError
OpenProcess

user32

ClientToScreen
RegisterClassExA
GetCursorPos
wsprintfA
OpenInputDesktop
GetThreadDesktop
SetThreadDesktop
InflateRect
FindWindowA
IsWindowVisible
GetWindowThreadProcessId
CreateWindowExA
EqualRect
CloseDesktop
GetFocus

shell32

ShellExecuteA

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA
OpenProcessToken

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE