a73e323bc0ab1a391072d2e525d41259_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a73e323bc0ab1a391072d2e525d41259_JaffaCakes118
Size

18KB
MD5

a73e323bc0ab1a391072d2e525d41259
SHA1

279ce92bc44264030bfd55c9fb23ec65491839c1
SHA256

0621c8988b094471128e2be14360886268fb0d3c73510df40a9ff9fa5fa0292e
SHA512

8de8bd54f485713f543d64fcfedf8eb65b1eb009e39f7232cd658e1f6563a0bd1519adf2cb86b0cff60b92cf1bd76a08d3b8f5c04fd65da79dd8d55704ebcf7f
SSDEEP

192:cHpjnL6aijaGmK1eF9hid59PkQk4NJqz4nmrtYsJtl8ggPQEsisjSylVTj4NKOI:cxaja9K8hwzkQk4vIqKYq1EsRd1j4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a73e323bc0ab1a391072d2e525d41259_JaffaCakes118

Files

a73e323bc0ab1a391072d2e525d41259_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9711b28c96f16c4c7cc35449988d4b2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateIoCompletionPort
IsDebuggerPresent
VirtualProtect
GetCurrentProcessId
HeapDestroy
WaitForSingleObject
LoadLibraryExA
GetLogicalDrives
GetStdHandle
GetTapeStatus
HeapQueryInformation
GlobalMemoryStatus
GetEnvironmentStringsA
InterlockedExchange
GetProcessVersion
HeapCreate
GetProcessHeap
GetModuleHandleA
GetCurrentThread
GetTimeFormatA
GetACP

user32

SetForegroundWindow
GetCursorPos
DrawTextA
FrameRect
EndPaint
wsprintfA
BeginPaint
GetWindow
GetTitleBarInfo
SetActiveWindow
GetFocus
FillRect
GetWindowTextLengthA
GetDlgItem
ShowWindow
ReleaseDC
GetParent
DragDetect
GetClassNameA

gdi32

GetLayout
CreatePalette
CloseFigure
GetClipBox
CreateBitmap

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ