a8b6f2b45cafde848941a9fd21995457_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8b6f2b45cafde848941a9fd21995457_JaffaCakes118
Size

36KB
MD5

a8b6f2b45cafde848941a9fd21995457
SHA1

1e03c1f63312df67c467163723b5c64aff597d4c
SHA256

ee2b3f214a1001899096ccf3b091f8fae3800f70de0551e2e673ba64eb3f1952
SHA512

d3e5e9d7e1da7b8b38a306ef12e88c87d932b6fb5168a5908b3f4cd27dc1c0bd108a41da33692edde6804288b2c4ccbca86845b6ed9df81ea39b1cb96ece43f9
SSDEEP

384:xHBfA64EhnZ0dVl+5XcP1ElQR1iN/ZMdg2TVKG9wBycX6JUHGzSMwOP02:xHBI64U0dVl+6PR3ip0w8cX6JUHGpL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8b6f2b45cafde848941a9fd21995457_JaffaCakes118

Files

a8b6f2b45cafde848941a9fd21995457_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91ca9034da13a149318620c1e4e8518e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetModuleFileNameA
GetStartupInfoA
GetPriorityClass
ExitProcess
GetThreadPriority
GetCommandLineA
VirtualAlloc
FreeLibrary
GetCurrentProcessId
GetTickCount
GetLastError
CloseHandle
GetModuleHandleA
GetCurrentThreadId
LoadLibraryA
Sleep
ExitThread
GetCurrentThread
GetCurrentProcess
GetProcessTimes

user32

GetWindowLongA
CreateWindowExA
GetFocus
GetForegroundWindow
GetWindowTextA
GetSystemMetrics
IsWindowVisible
UpdateWindow
GetClassLongA
GetWindowTextLengthA
BeginPaint
ShowWindow
GetActiveWindow
GetDC
GetWindowDC
OpenIcon
GetWindow
RegisterClassA
ReleaseDC

advapi32

IsTextUnicode
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
GetUserNameA

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ