a1f009a1c090be0c6f82573b5733870b_JaffaCakes118 | Triage

Sharing

General

Target

a1f009a1c090be0c6f82573b5733870b_JaffaCakes118
Size

242KB
MD5

a1f009a1c090be0c6f82573b5733870b
SHA1

3bd23ad87426d7ba4625cbe2a057bed74d3a8f46
SHA256

f038b61fa059ada1aa2699725f1c1a6b42b1e3ef846cd8acbbd0c11494bb41bc
SHA512

173e1f59c8ffc2eec0c8336f20e8aba74e255de5697b6a63f8de6818f244776802d2b48a19a48839ea07ee58375778ed79452092cea99d26ccb14a72d84ff29d
SSDEEP

6144:Qmm3+GoihAffSA2wk7pMOhBdq7IlTkYNk7aEQq4Mfum:Q9FoihqffYMOvdq7IIYZEaM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1f009a1c090be0c6f82573b5733870b_JaffaCakes118

Files

a1f009a1c090be0c6f82573b5733870b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

76721778621c89bffc09615013d5ee36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
TlsSetValue
VirtualAlloc
GetModuleFileNameA
GetCommandLineA
Sleep
GetCurrentThread
GetCurrentProcess
lstrcmpA
TlsGetValue
IsDBCSLeadByte
GetLogicalDrives
GetACP
GetCurrentThreadId
GetModuleHandleW
TlsAlloc
GetSystemDefaultLangID
FreeLibrary
GetCurrentProcessId
TlsFree
GetDriveTypeW

user32

GetFocus
GetActiveWindow
ReleaseDC
ShowWindow
GetWindowDC
GetWindowTextLengthA
GetDC
GetForegroundWindow
UpdateWindow
GetWindowTextA
GetSystemMetrics
GetWindow
BeginPaint
GetClassLongA
CreateWindowExA
IsWindowVisible
GetWindowLongA
RegisterClassA
IsIconic

advapi32

RegOpenKeyExA
RegQueryValueExA
GetUserNameA
RegCloseKey
RegCreateKeyExA
IsTextUnicode

clbcatq

ComPlusMigrate
SetSetupOpen
DowngradeAPL
SetSetupSave

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ