a04f9d0b3942d8b120062a1d1bb9010f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a04f9d0b3942d8b120062a1d1bb9010f_JaffaCakes118
Size

352KB
MD5

a04f9d0b3942d8b120062a1d1bb9010f
SHA1

78e7db8f62be3389a3f431f35cb24e47237a7234
SHA256

526eac6d0b1cfcfc3e668d2e308b05dc7a4cdb5e2128764f608c51fb3941dfc1
SHA512

f020b499ff144735f7480e2d3a8845ed434b0e4e9e3933e1457dc2f43d384312eec35a01e6091233b23a56abad3e4f6f6f7434e47008a6cc34c623fae1d1a106
SSDEEP

6144:at+qWASxQ0rShyGlReFjbjfhyqQMRYNYoDvohAi3lFeK2BwWI+IvW:4WDQcShyGloFjbTA1KmNo/VF2vk+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a04f9d0b3942d8b120062a1d1bb9010f_JaffaCakes118

Files

a04f9d0b3942d8b120062a1d1bb9010f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e32e54179ffc530d0c20bd576d6ccb2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GlobalUnlock
GetSystemTime
lstrlenA
LocalFree
GlobalLock
FreeEnvironmentStringsA
FreeConsole
GetLastError
GetModuleHandleA
IsBadReadPtr
GetACP
VirtualProtectEx
GetStdHandle
CloseHandle
CreateEventA
FindClose
ResumeThread
OpenSemaphoreA
OpenMutexA

user32

IsIconic
GetSubMenu
SetFocus
ClipCursor
GetComboBoxInfo
GetDlgItemTextA
CreateWindowExA
GetMessageA
LoadCursorA
DialogBoxParamA
GetMessageA
IsMenu
EndDialog
MessageBoxA

msasn1

ASN1BERDecCheck
ASN1BEREncNull
ASN1BEREncOpenType
ASN1DecAlloc
ASN1BERDecBool

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ