a31648a3567b1d6d1266430dd244e904_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a31648a3567b1d6d1266430dd244e904_JaffaCakes118
Size

23KB
MD5

a31648a3567b1d6d1266430dd244e904
SHA1

7360d40217775f17bf589286a5cb5ce75230a0a3
SHA256

de4743edd920c285b345c02f2da7a2159d5a1453751f342aef73afb21b0c56d8
SHA512

3f5cf7788906c888eb7c9104f357c541dfb3f8ac9d49b8bd689be2929375b68d115be6ddd7835ed187a28a30c3384bf82d571b2c0676c8d51f9d95b15aad99cd
SSDEEP

384:+AWDo/9JIcr1m7BoLISpZGCeImgPglmOcJ8VYBCO3R4jjFTfWmWXOlkxF3M4Z:+1De9i4iGLPpZGVgPg0OcWtO3R4jFTfW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a31648a3567b1d6d1266430dd244e904_JaffaCakes118

Files

a31648a3567b1d6d1266430dd244e904_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1e09dc5b8eec19a7be3d67a52276e82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetPrivateProfileStringW
GetCurrentThreadId
GetDriveTypeW
GetModuleFileNameA
EnumCalendarInfoW
LocalFree
HeapCreate
GlobalFree
EnterCriticalSection
SetEvent
CreateMailslotA
ResumeThread
ReadFile
FindClose
GetConsoleAliasW
SetLastError
GetCurrentProcessId
GetFileAttributesA
FindAtomW

user32

IsWindow
DrawTextW
GetSysColor
DispatchMessageA
CallWindowProcW
DispatchMessageA
GetKeyboardType
GetKeyState
GetClientRect
SetFocus
GetMenuInfo
GetClassInfoA
GetCursorInfo

asycfilt

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ