a825b9182eaaa96a26cb63e81a50edad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a825b9182eaaa96a26cb63e81a50edad_JaffaCakes118
Size

813KB
MD5

a825b9182eaaa96a26cb63e81a50edad
SHA1

5597a7ee45a5cea7ee4556e6ff1a92273cf3b2d7
SHA256

afe3de577fde3cfac7e643c0d497b0e6be36fbf7f29ee0a2c3a3b3de16e9f33d
SHA512

de06f5a6f351d53fc297d04b1b957d2eb4cf576d48aa52ccedcd73cde5ba0fe01a2fe62e80875347c331a0a06cc99a24c028c3bf1c455336cdc65ac0946992bc
SSDEEP

12288:sn2jkrN9EMwDjYqggQdwUQHW69Yk/FWOT5O370CY5kDQ9KRRprSZR1an:s2jkY/Xkw8iT5O37KlKPpWZLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a825b9182eaaa96a26cb63e81a50edad_JaffaCakes118

Files

a825b9182eaaa96a26cb63e81a50edad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99041b9c5ee193bcdfc61a75f6d934a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
IsDebuggerPresent
LoadLibraryExA
CreateFileA
CloseHandle
TlsGetValue
HeapCreate
GetConsoleCP
WaitForSingleObject
FreeEnvironmentStringsA
GetModuleHandleA
GetStdHandle
FindClose
CreateEventA
LocalFree
LocalLock
CreateFileMappingA
GetLastError
GetACP
LocalUnlock

user32

GetDC
ScrollWindow
EndMenu
PostMessageA
EmptyClipboard
DefWindowProcA
SetFocus
DispatchMessageA
GetIconInfo
GetDlgItem
CreateDialogParamA
IsWindow
GetMessageA
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BERDecEoid
ASN1BERDecCheck
ASN1BERDecBool
ASN1BEREncFlush

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ