a8403c61a86851c94edcbb5c6283469c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8403c61a86851c94edcbb5c6283469c_JaffaCakes118
Size

44KB
MD5

a8403c61a86851c94edcbb5c6283469c
SHA1

6f4614e0e8d99a098edf6918f4b59bb8f392b3f4
SHA256

4f1fabac0090b4629533929950a215edac80b7334305cf2f552913300ad3bee7
SHA512

784d45b72e6225b8a1312b28d4d196530fd473728193014f10cddabc42e340822835ed07ab17bc4fff306940197e056562682252be1b44db99633c992c469ba9
SSDEEP

768:IkkB21oMcvmLzwtgPLpBCv5eEaZPMI8j0E1CnmH1y/zPyZ9OUbNqIBXAGT6j:4BPMc5tgPLKvaPMeV8mOjjbMIBXAGT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8403c61a86851c94edcbb5c6283469c_JaffaCakes118

Files

a8403c61a86851c94edcbb5c6283469c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22f2982f1cb7a74dcb325d063619bd90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
VirtualAlloc
TlsFree
DeleteFileA
FindResourceExA
TlsGetValue
SwitchToThread
lstrcpyA
GetModuleFileNameA
IsDBCSLeadByte
TlsSetValue
GetModuleHandleW
SetEndOfFile
GetUserDefaultLCID
GetSystemDefaultLCID
GetOEMCP
GetCurrentThreadId
GetFileAttributesW
GetThreadLocale
AllocConsole
GetCommandLineA

user32

ShowWindow
GetDC
CloseWindow
ReleaseDC
RegisterClassA
GetActiveWindow
ReleaseDC
GetWindowLongA
GetWindow
InvalidateRect
GetClassInfoExA
IsWindowVisible
GetWindowTextLengthA
GetSystemMetrics
GetForegroundWindow
ValidateRect
IsIconic
GetFocus
GetWindowTextA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerFindFileA
VerLanguageNameA
VerQueryValueA
VerInstallFileA

msctf

DllGetClassObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ