a1bce0219fca47174a2faacc6adf7afd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1bce0219fca47174a2faacc6adf7afd_JaffaCakes118
Size

363KB
MD5

a1bce0219fca47174a2faacc6adf7afd
SHA1

43f935b752c4f41b227491d3f1c3ddde82239c72
SHA256

f3a79608ea1ae2d27170cfdf8139f966b2370ad3a0375601e8cbc98e9f324f8f
SHA512

12be3eac0aec70b029e31363bfff38b060db647a452d7930f9fffc2ec92241aa61c6064ec21545fae4c9b4ff15601dc011e71ccf5f1b5269ba743a800fae75ea
SSDEEP

6144:lFIuRMMha4hib4j8jf51Qx7O6bcLehsEwkoK/6ERdFQJdlMu6lb/01apjbV6m8lL:lF9RMMQx4ojf51aTcK0NEQUd0op3QlL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1bce0219fca47174a2faacc6adf7afd_JaffaCakes118

Files

a1bce0219fca47174a2faacc6adf7afd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d2556e877d0a96bc829acb65b85f9bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
FindAtomW
CreateMailslotA
GetModuleHandleA
GetCurrentThreadId
SetLastError
GetCurrentProcessId
GetFileAttributesA
GetPrivateProfileStringW
LocalFree
GetDriveTypeW
FindClose
SetEvent
ReadFile
GlobalFree
GetConsoleAliasW
GetModuleFileNameA
EnumCalendarInfoW
EnterCriticalSection
HeapCreate

user32

GetClassInfoA
DrawTextW
CallWindowProcW
GetKeyState
GetSysColor
GetMenuInfo
DispatchMessageA
IsWindow
GetClientRect
GetKeyboardType
DispatchMessageA
GetCursorInfo
SetFocus

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 353KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ