96b163ddd0ddf1d4dffc14278122f72e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96b163ddd0ddf1d4dffc14278122f72e_JaffaCakes118
Size

174KB
MD5

96b163ddd0ddf1d4dffc14278122f72e
SHA1

33d723350f2ef1c3e619dee7c87dc64eeadb06f5
SHA256

c95d304f1618144b6c137942171d063a95a70f5e2c94687713b8127842e0e588
SHA512

1137170be0c44f2cd904b1237dba861d8964c6fda304bd0b4fc13a3176d797d6c028ddeb31db759cedc6000df39989441033f11f5287da2788079c81f26391e6
SSDEEP

3072:+Mu5DQLOT+fl72I/nJPgUYGU8c0ovmc4iNB54rmjtN7Cjej:Mpt6JPFYGW+TSxlCaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96b163ddd0ddf1d4dffc14278122f72e_JaffaCakes118

Files

96b163ddd0ddf1d4dffc14278122f72e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9cb42d8886a4e8d8084be1b71ddc8249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetModuleHandleA
GetThreadPriority
GetPriorityClass
ExitProcess
CloseHandle
GetTickCount
FreeLibrary
Sleep
VirtualAlloc
LoadLibraryA
GetStartupInfoA
GetCurrentThreadId
GetProcessTimes
GetCurrentThread
GetLastError
GetCurrentProcessId
GetModuleFileNameA
GetProcessHeap
ExitThread
GetCommandLineA

user32

OpenIcon
GetDC
GetWindowLongA
GetForegroundWindow
GetWindow
CreateWindowExA
IsWindowVisible
GetWindowDC
GetFocus
GetClassLongA
RegisterClassA
ShowWindow
GetSystemMetrics
GetWindowTextLengthA
GetActiveWindow
GetWindowTextA
BeginPaint
UpdateWindow
ReleaseDC

advapi32

RegCreateKeyExA
IsTextUnicode
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
GetUserNameA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerLanguageNameA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE