a9e7f247f3271a4869c91fd7e3d48d00_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9e7f247f3271a4869c91fd7e3d48d00_JaffaCakes118
Size

28KB
MD5

a9e7f247f3271a4869c91fd7e3d48d00
SHA1

c9e9b4fd471f10ecf041567ac1349b8a33d6a226
SHA256

40b1ddfa5caf9eafff3837924d395894a58c7ca22cd3c8515e1790f83bfbd672
SHA512

be98f729b8b42a0c6ea1976f24a7a959fbd7413badbe01b9a8f18654645467fdc034348384a0ed3c30e7be5592d03a28fceeb6c03fa4c6bb3896f9ad55f6e258
SSDEEP

192:tQR0t8en63MF7vYsViYDpZtCf/JMGxEdvwNkAX:CRKn/FLYi5D/MyVq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9e7f247f3271a4869c91fd7e3d48d00_JaffaCakes118

Files

a9e7f247f3271a4869c91fd7e3d48d00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e080ec64c2430109a3bea3fb776b238

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
TlsGetValue
GetConsoleCP
CompareStringA
AddAtomA
GetLargestConsoleWindowSize
CreatePipe
GetOEMCP
CancelWaitableTimer
GetThreadTimes
GetUserDefaultLangID
GetModuleHandleA
GetExitCodeThread
VirtualAlloc
GetThreadLocale
TlsFree
GetShortPathNameA
ReleaseMutex
SetEvent
GetThreadPriority
CreateMutexA

user32

GetClassInfoExA
GetFocus
GetWindowTextA
GetActiveWindow
GetWindowTextLengthA
GetSystemMetrics
ValidateRect
GetClassNameA
IsWindowVisible
ShowWindow
GetWindow
IsIconic
InvalidateRect
GetForegroundWindow
CloseWindow
ReleaseDC
ReleaseDC
RegisterClassA
GetDC

msutb

ClosePopupTipbar
DllCanUnloadNow
GetLibTls
GetPopupTipbar
DllGetClassObject

shimeng

SE_DynamicShim

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ