a96a367b80d56b48bd24eb970f889465_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a96a367b80d56b48bd24eb970f889465_JaffaCakes118
Size

8KB
MD5

a96a367b80d56b48bd24eb970f889465
SHA1

8a64b98d5b7c7468b74aacfa9810683d3595858f
SHA256

7ba28812916c6d742afc83fa60bc36769f78531385f5252ea693b486e16ed460
SHA512

b38c1978374148aa8f0085f8c18c44e617477570c439ce4f7b893d486a19e6f611a10a3755c48e3b84c8679f3b23cc4abaf7d1045544d4492c705522ddae973a
SSDEEP

96:ITBwdkW7XvueheuPLbC6Rdf79aH7j7zsH/VEYgJnHOTqF:IT+kCvheuPNRpR+jivgJnHOTg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a96a367b80d56b48bd24eb970f889465_JaffaCakes118

Files

a96a367b80d56b48bd24eb970f889465_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58285405d174bca527832e5c8f61b28e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetUserDefaultLangID
EnumDateFormatsA
GetProfileStringA
CreateMailslotA
GetProcessHeap
VirtualAlloc
GetVolumePathNameA
GetStdHandle
LocalHandle
CreateJobSet
GlobalLock
FindAtomA
CloseHandle
GetProfileIntA
GetTapeStatus
GlobalFlags
GetOEMCP
EnterCriticalSection
GetModuleHandleA
GlobalFree

user32

ShowWindow
RegisterClassA
GetClassInfoExA
BeginPaint
GetFocus
GetParent
CloseWindow
GetDC
DrawEdge
IsIconic
GetWindowTextA
EndPaint
GetActiveWindow
GetWindowTextLengthA
GetClassNameA
ReleaseDC
ValidateRect
GetForegroundWindow
GetWindow

gdi32

CreateDCA
CreateDIBitmap
GetColorSpace
GetCharWidthA
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ