a12b7ec9d8a219493b7754f8e4bb734d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a12b7ec9d8a219493b7754f8e4bb734d_JaffaCakes118
Size

761KB
MD5

a12b7ec9d8a219493b7754f8e4bb734d
SHA1

77fb35e6b9bfd51cd858cce4e5b376df8c55e67a
SHA256

5135e3118fd90aba684262c74375f925d25e02578e4ba6e93ddacf7e5915bafb
SHA512

b741d3d60be74c06190e57a87f4cc4b517bdd2890d840ef89efa30bc13ad9ed9673910d9850304e8d24a3ec0c8ee8510df298ce0df2b9504b6dff6fedbdda19b
SSDEEP

12288:2kmnRMVDTBFxQWSA/oE2zrDMgeiLbwGd1u/FZByuUK9KI81nzajWV/mtmIGuZzyv:LyRMVDFbSeoE2zrHhL0O4tZfUK8t1nQI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12b7ec9d8a219493b7754f8e4bb734d_JaffaCakes118

Files

a12b7ec9d8a219493b7754f8e4bb734d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5027669d1bf80f121096045e1766c8e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
GetDriveTypeA
lstrlenW
FindClose
LocalFree
GlobalFlags
GetFileTime
GetEnvironmentVariableW
TlsGetValue
WriteFile
ReleaseMutex
FindAtomA
CreateEventW
InitializeCriticalSection
LoadLibraryW
GetCurrentThreadId
GetCurrentProcessId
HeapCreate
IsBadStringPtrW
ReleaseMutex

user32

SetFocus
DrawStateW
GetClassInfoA
IsWindow
GetSysColor
DispatchMessageA
EndDialog
GetSysColor
CreateWindowExA
GetClientRect
DrawTextA
CallWindowProcW
GetKeyboardType

rastapi

DeviceDone
DeviceDone
DeviceDone
DeviceDone
DeviceDone

cryptui

LocalEnroll

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 751KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ