a92a2ceea2baf56687c994235d4e173f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a92a2ceea2baf56687c994235d4e173f_JaffaCakes118
Size

95KB
MD5

a92a2ceea2baf56687c994235d4e173f
SHA1

85ea1645a560da12c9de609daf4fd5fff5d302fc
SHA256

c179bba67d5cb7ada39290e246c6709732cb12d5096820cec0d2501b63c30f68
SHA512

419fbe1abe6f88136eebae6eb4150ca4f6817f9f29602529b77f5029321e550dd201fa67d7f9e8d042a6f8bc5ee1add140112adeb74cd6e9e09715c1b61e2e52
SSDEEP

1536:pXLVbytmOCvvcMrjM6fNaxfQuC2TtB8kJNcmPdZOXNVZ937yU996W8va0YIbcz/S:p7V9rj5fNkC2TtqkoXP7yG96W8va0jEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a92a2ceea2baf56687c994235d4e173f_JaffaCakes118

Files

a92a2ceea2baf56687c994235d4e173f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7090b6ade9e50abb7ec3017bff03d51f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
lstrlenA
GetLastError
VirtualProtect
ExitProcess
TlsGetValue
GetDiskFreeSpaceA
SearchPathA
DeleteCriticalSection
CreateThread
Sleep
GetConsoleFontSize
FindResourceExA
GetTickCount
ReleaseMutex
SetEvent
GetModuleHandleA
FindClose
CloseHandle
FindAtomA

user32

EnableWindow
DispatchMessageA
CreateMenu
CreateWindowExA
GetMessageA
CopyIcon
DragDetect
EndDialog
GetScrollBarInfo
IsIconic
CopyImage
CloseWindow
GetKeyState
DialogBoxParamA

wshbth

WSHOpenSocket2
WSHIoctl
WSHNotify
WSHJoinLeaf
NSPStartup

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ