a8e6b581dcb79a500996dbb6dd2e35fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8e6b581dcb79a500996dbb6dd2e35fd_JaffaCakes118
Size

18KB
MD5

a8e6b581dcb79a500996dbb6dd2e35fd
SHA1

e7ba688ddbce5e0afa6220a5fedf7e4b77c4ab08
SHA256

66d4cfa83fdd94df9178c177edb96a2c5790f8617ffc83195f5d268d29ada34e
SHA512

c9b395c0c8380983cdd5b29cd760fda61a653262d1189a8256896e2eb3a08f5bdbb71f34981679e4c69fa7ccf42c62354050cf57ba8355413e9ca92e3e273fce
SSDEEP

192:o3NSGXV67rjLoEN/BsEKPjtcHmNqnvn1GM2GXmFzrN4AUOSJ8WOsdZKBxTRy:SvXVIkEN/BjmqncGWBN4A7WO8KBxo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8e6b581dcb79a500996dbb6dd2e35fd_JaffaCakes118

Files

a8e6b581dcb79a500996dbb6dd2e35fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a32523a4c9b1cdeab947e49ca4bd6a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetStdHandle
GetCurrentProcessId
GetCurrentThread
WaitForSingleObject
InterlockedExchange
GetModuleHandleA
GetTapeStatus
HeapCreate
GetLogicalDrives
DeleteAtom
GetTimeFormatA
CreateFileMappingA
CreateHardLinkA
IsDebuggerPresent
LoadLibraryExA
VirtualProtect
GetCommConfig
GetACP
GetProcessVersion
GetEnvironmentStringsA

user32

ReleaseDC
DrawTextA
GetFocus
GetWindowTextLengthA
GetDlgItem
DragDetect
FillRect
EndPaint
FrameRect
SetForegroundWindow
GetWindow
GetTitleBarInfo
SetActiveWindow
wsprintfA
GetCursorPos
BeginPaint
GetClassNameA
GetParent
ShowWindow

advapi32

RegCloseKey
RegEnumKeyA
RegSetValueExA
RegFlushKey
RegCreateKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ