a759f38c8ec2b60aa158d1fe43acd020_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a759f38c8ec2b60aa158d1fe43acd020_JaffaCakes118
Size

384KB
MD5

a759f38c8ec2b60aa158d1fe43acd020
SHA1

827d82a57310bea0c76d0b4c94c4df68985fa694
SHA256

6dbdc37e8c4f4526b0a306f064f25e0bb46d4593d2c4ae38b04ae07586ff1381
SHA512

62cf727ed732c8e694afa80af25c28b1b8b8ca5e5cdc456e01256bf36519f7673515d879f2d16e17cd9b223e725fbda159e4b5886ab370182c4e2ffa264edb79
SSDEEP

6144:QgEKZ07vKeCihOKKptdmER3PGR+Vum0BaTIpCHxb3Wv41u8kyhFIwog0l8mhJ5:QeZ0LCiYp5fh+CPTIpIb48kSIwoLl805

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a759f38c8ec2b60aa158d1fe43acd020_JaffaCakes118

Files

a759f38c8ec2b60aa158d1fe43acd020_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9388b142d888f1ad7f65b114b1a0ea51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

OpenDriver
timeBeginPeriod
timeEndPeriod

shlwapi

PathIsRootA
SHEnumKeyExW
SHGetValueA
SHGetValueW
SHQueryValueExA
SHEnumKeyExA

user32

ReleaseDC

advapi32

RegLoadKeyA
GetUserNameW

kernel32

HeapAlloc
GetTickCount
GetComputerNameW
GetSystemDirectoryA
GetProcessHeap
GetDriveTypeA
lstrlenA
lstrcmpA
lstrcmpW
GetFileAttributesW
HeapFree
GetWindowsDirectoryA
IsSystemResumeAutomatic
CreateFileMappingA
DeleteFileA
DuplicateHandle
GetConsoleCP
GetExitCodeThread
GetModuleFileNameA
GetCurrentProcessId
GetStdHandle
GetThreadLocale
GetUserDefaultLCID
GetFileAttributesA
IsValidCodePage
ReleaseMutex
ResetEvent
GetBinaryTypeA
CancelIo
BackupSeek

msvcrt

rand
toupper

ole32

OleRun

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ