Static task: static1
Behavioral task: behavioral1
  Sample: a4f6cde89849429a33e2c00a36028f70_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: a4f6cde89849429a33e2c00a36028f70_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: a4f6cde89849429a33e2c00a36028f70_JaffaCakes118
Size: 182KB
MD5: a4f6cde89849429a33e2c00a36028f70
SHA1: a108117da9d8d2950c2b2accdb83cdb34942619c
SHA256: 8b678f6a1f23abd45e2aaa59f94ef2e46a2f12015a953b8529fe97d4958ee925
SHA512: 1885ed8c0bc5f38a45aedd15ca99b582338345872a4f3367a41b4d140318a8b3459470d4eac6cf549f9d3892c6a69aeba9e46594f1bbe751a5aea0994fe0c2e0
SSDEEP: 3072:6Ir1h8sJWqUJotCDybeOzz7am9dWZr7x4A8hVtlDq6TgpMQTkk2:6g/WqYotCAzfawmr7Sfhdzq2
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: a4f6cde89849429a33e2c00a36028f70_JaffaCakes118
Files
a4f6cde89849429a33e2c00a36028f70_JaffaCakes118.exe  windows:4  windows  x86  arch:x86
fa9b496947a1e3598ab5ec466c3e3abf
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32: GetLongPathNameW, CloseHandle, LoadLibraryW, SetThreadContext, GetProcAddress, GetCurrentProcessId, EnumResourceTypesW, UnhandledExceptionFilter, ExitProcess, GlobalFree, GetCurrentThreadId, GetModuleHandleW, GetLastError, CreateFileW, GetVersionExW
  advapi32: RegOpenKeyExW, RegSetValueExW, RegEnumKeyExW, RegDeleteKeyW, RegQueryValueExW, RegCreateKeyW, RegCloseKey, RegSetValueW
  user32: AdjustWindowRectEx, InvalidateRect, GetWindowPlacement, PostMessageW, SetRectEmpty, SetCursor, GetClientRect, FillRect
  msvfw32: ICSendMessage, ICClose, ICOpen, ICDecompress
Sections
  .text   Size: 107KB   Virtual size: 106KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 1KB     Virtual size: 1KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .bss    Size: 72KB    Virtual size: 71KB    Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .edata  Size: 1024B   Virtual size: 244KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ