a7c4920f2cccee1a371f9ad4cfb618f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7c4920f2cccee1a371f9ad4cfb618f1_JaffaCakes118
Size

18KB
MD5

a7c4920f2cccee1a371f9ad4cfb618f1
SHA1

0d047dd8e4bc18dfc87ed76bfd162758dfa6c629
SHA256

84019b8f8315737ac041885bb263413624aa10e4b65a295221acf865b36aaf6f
SHA512

68afb4fd8bcc158301b2ca63e0d32689ea939de763ba1ae77f37c4031e0fff9c7c322984c9be7b2783c19c26fa60e9d104833ee3d0d2a576193fe6d1d79b00ed
SSDEEP

192:C48xBte+shj3YA9tGGyADb3/4n9e1vXKIdU3rOvWt6m66h6EfJ:CPtS3dG+T/4n9e1ArRtR66DR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c4920f2cccee1a371f9ad4cfb618f1_JaffaCakes118

Files

a7c4920f2cccee1a371f9ad4cfb618f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eadaed2c0d04b9b819578183acca7fe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetCurrentProcessId
GetCurrentThread
VirtualProtect
GetLogicalDrives
CreateThread
HeapCreate
LoadLibraryExA
IsDebuggerPresent
DeleteAtom
GetTimeFormatA
GetACP
GetCommConfig
CreateHardLinkA
GetStdHandle
GetEnvironmentStringsA
GetThreadPriority
CreateFileMappingA
InterlockedExchange
GetCurrentProcess
HeapDestroy

user32

GetCursorPos
GetFocus
GetWindowTextLengthA
wsprintfA
ShowWindow
GetParent
FrameRect
ReleaseDC
DrawTextA
FillRect
EndPaint
GetDlgItem
SetActiveWindow
SetForegroundWindow
GetTitleBarInfo
GetWindow
BeginPaint
GetClassNameA
DragDetect

advapi32

RegEnumKeyA
RegCloseKey
RegFlushKey
RegCreateKeyA
RegQueryInfoKeyA

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ