a001e8ada6fee7d7353c986cd46b3c24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a001e8ada6fee7d7353c986cd46b3c24_JaffaCakes118
Size

43KB
MD5

a001e8ada6fee7d7353c986cd46b3c24
SHA1

c42d4413530340be2e55a4bbb83e6674025d8015
SHA256

f0efd984cde11afae7a2d0d6476d8ce37c31fcfe8189e44ec90954147119295b
SHA512

7060ced0efee8d4755f0c665f64bbf8719eb41a41b1cca81f14939cd47363db9c09bf6b0f35a54bc3cebc6de9be151ccc15a90b4fee84b2336ffe39124584586
SSDEEP

768:ECtVgP5Uq1j3x04YuJZgumdar/W80UJvzVi0zJBXhDNVheaU9UObMXtnPwT1t:EQ2TtB04lGumdaWUJrViAFpUeVP4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a001e8ada6fee7d7353c986cd46b3c24_JaffaCakes118

Files

a001e8ada6fee7d7353c986cd46b3c24_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1cd40235311968565eb8a98f91ac4d0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
GetModuleFileNameA
FindClose
SetFileAttributesW
GetSystemTime
GetModuleHandleA
lstrcpynW
GetTimeZoneInformation
CreateMutexW
FindFirstFileW
GetUserDefaultUILanguage
GetTempPathW
GetSystemTimeAsFileTime
lstrcatW
SetLastError
MultiByteToWideChar
CloseHandle
OpenProcess
HeapAlloc
lstrlenA
SetThreadPriority
ReleaseMutex
GetCurrentThread
FlushFileBuffers
CreateEventW
SetEndOfFile
CopyFileW
GlobalLock
CreateThread
SetFileTime
HeapFree

user32

GetCursorPos
GetMessageW
EndDialog
SetProcessWindowStation

Sections

.jursx
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qfor
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reduv
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ