a2cef8a9471d30e22440c93e04581543_JaffaCakes118 | Triage

Sharing

General

Target

a2cef8a9471d30e22440c93e04581543_JaffaCakes118
Size

76KB
MD5

a2cef8a9471d30e22440c93e04581543
SHA1

98f99adbf73b7792febac99b32b8da8192f112d9
SHA256

572cdfa2973d986cf41ec3d7b85d9d12b01c136eb91db51ac80b90a7f317ed62
SHA512

84d80e562edfe71c69d2c0f354c46131c49e6c9e9200c9d3271eadf4d4801e5ff6921a1866ec9e8bb427956cae6abb42ce193b93b02bf4a2838decf9fa83b695
SSDEEP

1536:beT9I5AoS6LHM8PtAqxXAsAOMathV4zEm+BCL2ZR2esn1Z2I:iIOisTqxQsp/Hm+cAWTj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2cef8a9471d30e22440c93e04581543_JaffaCakes118

Files

a2cef8a9471d30e22440c93e04581543_JaffaCakes118
.exe windows:4 windows x86 arch:x86

231bc57d35aa6e7b7fae9862fd10f131

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetComputerNameA
GetStdHandle
CreateEventA
GetWindowsDirectoryA
GetCurrentProcessId
ExitProcess
GetVersionExA
SleepEx
VirtualAlloc
CreateMutexA
LocalAlloc
LocalFree
GetSystemDirectoryA

advapi32

GetUserNameA

user32

GetForegroundWindow
GetSystemMetrics
GetActiveWindow

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ