a0d82fcd0a03dfb1c273a01b94576b5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0d82fcd0a03dfb1c273a01b94576b5a_JaffaCakes118
Size

312KB
MD5

a0d82fcd0a03dfb1c273a01b94576b5a
SHA1

b96954acd7b4462dd11650b3f7352cd55390230d
SHA256

244e133f224e98f771a1dc2c6550e5a6cdbaecae32ab7b7f7028a5a061af747f
SHA512

50d18d0ca4e84c4bd7de504367d8f0455f7487e145efb584e3c2be0570e0ce5b1c5260c4f89b24534732621c9864df115e0138dbff8077bbdbe14eeead70b671
SSDEEP

6144:0rTuETVyp+zFTan/bdV+6A5iP2naGmzvXYu5aRCaMMQG:0Wr+zUDvA5eYYvYiaPMY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0d82fcd0a03dfb1c273a01b94576b5a_JaffaCakes118

Files

a0d82fcd0a03dfb1c273a01b94576b5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4be39fdc98f43459009b81e8cf03e79c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetCurrentProcessId
GetSystemDirectoryA
GetCompressedFileSizeA
FreeEnvironmentStringsA
RaiseException
OpenMutexA
GlobalFree
IsDebuggerPresent
GetStdHandle
GetACP
HeapCreate
GetCurrentThread
VirtualProtect
GetCurrentProcess
InterlockedExchange
FlushFileBuffers
GetCommandLineA
ReadConsoleA
LoadLibraryExA
SetEvent

user32

GetWindow
GetCursorPos
DrawTextA
wsprintfA
FrameRect
FillRect
GetFocus
SetForegroundWindow
GetDlgItem
ValidateRgn
IsIconic
EndPaint
GetClassNameA
ReleaseDC
GetParent
ShowWindow
SetActiveWindow
GetWindowTextA
BeginPaint

crypt32

CertCloseStore
CertCreateContext
CertDuplicateStore
CertControlStore
CertFindAttribute

apphelp

ApphelpCheckIME

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ