a2ab47a4e63d99f2a90ede6d5c0a1412_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2ab47a4e63d99f2a90ede6d5c0a1412_JaffaCakes118
Size

80KB
MD5

a2ab47a4e63d99f2a90ede6d5c0a1412
SHA1

666e161b71ee9fe07bf6257feede8ea57fe3b070
SHA256

c4b349f61df89e6553c5fe60b48499bb49e7c7c3a36e1c9f02f738abe63ae73b
SHA512

8f903f8ba813968f3f670ce788ab31677b6302281e033e8dc48c36371aafa0c23fc6299c9c8511e3cfe3dae019a34ed51748fd7b2e6edbb422cc997692e13edb
SSDEEP

1536:o4W17M1ylEF2xcQUskNH6ffRx2dpfZRza8mC2wgc:o4p4lEGclsiaBx0hzNmIgc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2ab47a4e63d99f2a90ede6d5c0a1412_JaffaCakes118

Files

a2ab47a4e63d99f2a90ede6d5c0a1412_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b634e2c81cba294a4a4f0802b476eeee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
VirtualFree
FindResourceW
ReadProcessMemory
GetCurrentProcessId
GetCurrentThreadId
GlobalLock
GetProcAddress
FindFirstChangeNotificationW
ResumeThread
InterlockedIncrement
LoadLibraryA
TerminateThread
SetWaitableTimer
InterlockedDecrement
GetSystemTime
QueryDosDeviceW
SetLastError
CreateProcessW
MulDiv
SetEvent
GetPrivateProfileStringW
GetDriveTypeW
FreeResource
GetCurrentThread
WriteFile
MoveFileW
CreateWaitableTimerW

user32

PostQuitMessage
SetWindowPos
wsprintfW
DestroyIcon
SetWindowTextW
GetWindowThreadProcessId
WindowFromPoint
TrackPopupMenu
DialogBoxParamW
GetWindowRect
RedrawWindow
CreatePopupMenu
PostMessageW
GetClassNameW
RegisterHotKey

Sections

.vteresc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.owgnyey
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dhionzk
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE