a6beee434a8329640e805773b9e70863_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6beee434a8329640e805773b9e70863_JaffaCakes118
Size

12KB
MD5

a6beee434a8329640e805773b9e70863
SHA1

e5e785b1304d94e60d59dd5800cfcd2874a81929
SHA256

2e9c66d023673596de8881cdfdb07710564f0a3fb604a2172aec7b555d6fd3e6
SHA512

f2466d33e05e6b35998249a5af7383013e6a21c43f7acdd7a11ed5cd3e27829b4ee5c08c3a73454cd87ed1a02765ac8b5df3a3771e6eaf8b6f2ab58dccb12b56
SSDEEP

96:6Pwqqx0misyQqQL6GeiuLH6KEeN8wvq+bP0tLuhkA4x0+drc:6IqTmicqQLNeiuLHQjSbUoz+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6beee434a8329640e805773b9e70863_JaffaCakes118

Files

a6beee434a8329640e805773b9e70863_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83d84abd126ebbce4e9800ec6651b486

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
IsBadReadPtr
VirtualProtectEx
LoadLibraryExW
IsDebuggerPresent
lstrlenA
CreateMutexA
GetConsoleTitleA
GlobalUnlock
ResetEvent
EnumResourceTypesW
CloseHandle
LocalFree
Heap32First
GlobalLock
GetLastError
GetSystemTime
CancelIo
GetModuleHandleA
FreeConsole

user32

GetKeyState
GetParent
CloseWindow
DialogBoxParamA
GetDlgItemTextA
EndDialog
CopyImage
GetMessageA
CreateWindowExA
EnumWindows
GetMessageA
IsIconic
GetDlgItemInt
MessageBoxA

setupapi

SetupCloseLog
IsUserAdmin
MyFree
MyRealloc
SetupCopyErrorA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nzyhrcy
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE