a7f44ec06f8718b66966e955c7a60df2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7f44ec06f8718b66966e955c7a60df2_JaffaCakes118
Size

178KB
MD5

a7f44ec06f8718b66966e955c7a60df2
SHA1

79dca25bc7f7e0a02aadc0677ebc7eeaa44f3b6a
SHA256

8bb12cea3f43d0cd388f75b355d62ccfd4b44fd0a42fb0c58576b99435a82aad
SHA512

5b05084406635cbe4e09c995c26535792326dd1e4a5651896fe52c162ff670377b62478b580688bdddd729d4492c3a4c2b19893f92b0a34877adebfe0d19bcd4
SSDEEP

3072:0DAYJ24Y05VVg82IofuClhtfdNqI4lusqw/72QUyk91XEb/K9nq4rFQ+AeLnT0wJ:eAR4fVVg82Bxbdd4lZqw9kEDM/+KnT0+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7f44ec06f8718b66966e955c7a60df2_JaffaCakes118

Files

a7f44ec06f8718b66966e955c7a60df2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7d7924201c7a6522b27a89c5da27ce9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
WaitForSingleObject
lstrlenA
GetVersion
GetConsoleCP
AddAtomA
LoadLibraryExW
HeapReAlloc
GetStdHandle
CloseHandle
SuspendThread
WaitForMultipleObjects
InterlockedExchange
GetCommandLineA
GetTickCount
VirtualProtect
HeapCreate
GetSystemDefaultLangID
CompareFileTime
GetModuleHandleA
GlobalUnlock

user32

CopyImage
GetDlgItem
GetCursorInfo
DestroyMenu
CreateIcon
DragObject
DialogBoxParamA
CreateMenu
InsertMenuA
MessageBoxA
InvertRect
SetScrollInfo
CopyRect
DrawCaption
FindWindowA
IsDialogMessage
GetKeyState
EnableScrollBar
CreateCursor
SetWindowPos
SetPropA
DispatchMessageA
CreateCaret
GetKeyboardLayout

advapi32

RegCloseKey
RegEnumKeyA
RegEnumValueA
RegCreateKeyExA
RegQueryInfoKeyA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ