a54a654437736e2a5fe39e9a52815d56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a54a654437736e2a5fe39e9a52815d56_JaffaCakes118
Size

7KB
MD5

a54a654437736e2a5fe39e9a52815d56
SHA1

37b5cd7ac48f88aa6d949e1038095593ca7d0feb
SHA256

948f5f061f12b453a78cd590d507bc502d654c150db2555b686a1392569f6768
SHA512

6f469aa0a505b5fb8f97a96970af317ad89f0f23340d9a0cc4837ad11b51e1d1f6d0ebe151874ba24dfe89e1440056739289787666fa53f7760b38fa43bebaf9
SSDEEP

192:2Vd0EWovk9dkTGDBiPMfa5rGbpQpJU7WO/:2VdF89diGD21NGVQjU7WO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a54a654437736e2a5fe39e9a52815d56_JaffaCakes118

Files

a54a654437736e2a5fe39e9a52815d56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36ccf29fc5a579a90a5a60d5cc59bdb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
CloseHandle
FindFirstFileA
CreateProcessA
lstrcatA
GetStartupInfoA
FreeLibrary
LoadLibraryA
CreateDirectoryA
Sleep
CreateFileA
GetProcAddress
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetTempFileNameA
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
lstrcpynA
HeapAlloc
GetProcessHeap
HeapFree
lstrcmpiA
ExitProcess

user32

GetActiveWindow
wsprintfA
GetCapture

gdi32

GetBkMode
CreateCompatibleDC
GetBrushOrgEx
GetBkColor
CreateCompatibleBitmap

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE