aba0b9d6d9e09edf48148225d7fe4212_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aba0b9d6d9e09edf48148225d7fe4212_JaffaCakes118
Size

413KB
MD5

aba0b9d6d9e09edf48148225d7fe4212
SHA1

2d2b31d223151b4a12eb3ec4d9067c1d611662b3
SHA256

c9c6e222995aa861f9663e08ffbace6ec3f07f837a3abf9bc8b783cf0eb6c983
SHA512

8a09c8b7c28913fe22cba9d062cf33ff45a16385932d7f9d80ce400564a69b72b35676891f771079360c33724a1a17f3648e0b1d2d312db960912845b60a06a0
SSDEEP

6144:ZZi+WewfBUvNFz4o4+MymM552Yn1rMRMUN+zaRtACBZyD7J2s:ni+WekwD4Nryt/XUUXYIxF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aba0b9d6d9e09edf48148225d7fe4212_JaffaCakes118

Files

aba0b9d6d9e09edf48148225d7fe4212_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b217af1e3a5f8607b09a556d707a8a7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
CreateMutexA
GetStdHandle
GetThreadLocale
TlsFree
GetConsoleCP
GetVolumeInformationA
GetUserDefaultLangID
CreatePipe
GlobalFindAtomA
SetEvent
IsDBCSLeadByte
CreateThread
GetProcessHeap
TlsGetValue
GetExitCodeThread
VirtualAlloc
CompareStringA
GetModuleHandleA
ReleaseMutex
GetPriorityClass

user32

GetFocus
DrawTextExA
GetWindow
GetClassInfoExA
RegisterClassA
GetSystemMetrics
GetWindowTextLengthA
ValidateRect
GetActiveWindow
IsWindowVisible
CloseWindow
IsIconic
GetDC
ReleaseDC
GetClassNameA
ShowWindow
GetForegroundWindow
InvalidateRect
GetWindowTextA

shell32

SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA
SHGetFolderPathA
SHChangeNotify

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ