a93d6c2f87a142fc7826bf647b3031ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a93d6c2f87a142fc7826bf647b3031ee_JaffaCakes118
Size

173KB
MD5

a93d6c2f87a142fc7826bf647b3031ee
SHA1

1c24c3088d808df48f2e9d933d968130bb40de3c
SHA256

a1a5fc1d5b67110ad94161e2b66a04cc08bce324e08636bdba3794bc706251e3
SHA512

6a759f0dad21c711a899355e548be17ac907ad632b8e5ac4726b4324595527f5e309c71d6c356a175965323547042d8ea134405129f48c178c76bc8b8c6ff7b5
SSDEEP

3072:bJ2Xgb9X3I12fB+TlhD5BHeSS1G5t0/5SzTxfT556eZ3nBzNrMvAzye:bJ+k7+TlhHHdAG5t0/szTl6eZ3BzGay

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a93d6c2f87a142fc7826bf647b3031ee_JaffaCakes118

Files

a93d6c2f87a142fc7826bf647b3031ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e3a7d70338fb23546a56f8eb664b547

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

user32

GetKeyState
wsprintfW
wsprintfA
CharUpperA
MessageBoxA
GetTopWindow
CharNextA
CharLowerA

kernel32

GetThreadIOPendingFlag
IsBadReadPtr
SetEndOfFile
CreateMutexA
WriteFile
CreateFileW
CompareStringW
LoadLibraryA
TransmitCommChar
InterlockedIncrement
MultiByteToWideChar
EnumResourceNamesW
FlushFileBuffers
CompareStringA
GetProcAddress
SetStdHandle
FreeLibrary
ExitProcess
GetTempPathW
WideCharToMultiByte
CloseHandle
GetLastError
InterlockedDecrement
GetModuleFileNameA
LoadLibraryW
SetEnvironmentVariableA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ