Static task
static1
Behavioral task
behavioral1
Sample
ac7136a7743fa2abd14933935e5657b3_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ac7136a7743fa2abd14933935e5657b3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ac7136a7743fa2abd14933935e5657b3_JaffaCakes118
Size
190KB
MD5
ac7136a7743fa2abd14933935e5657b3
SHA1
84119af303217c03ec065ecada338912f03e2459
SHA256
8ab73622b832fbc102832f4753ec7e5bde13fbef432fab67691cdc532f7cc9e5
SHA512
3385f5f78e236beb92089161e53b72875555cba7b74fbab46cf1e3c710780d90b8710eb89e70814f9a069a2b3c2474c61dc31543c98ee35a1ae1af53cbc916f1
SSDEEP
3072:Ghi20Shq9CqV4IzVGlKqC0RE5bmlzgfgRsruM6mPrqAKE2TUQm:GhBxqyhl5E5bmifgRsrYxAKE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac7136a7743fa2abd14933935e5657b3_JaffaCakes118
Files
ac7136a7743fa2abd14933935e5657b3_JaffaCakes118.exe windows:4 windows x86 arch:x86
e841db5f90f665e08b7aa702cb5ba5ee
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyW
RegSetValueW
user32
SetCursor
AdjustWindowRectEx
PostMessageW
GetClientRect
SetRectEmpty
GetWindowPlacement
InvalidateRect
FillRect
kernel32
GlobalFree
GetShortPathNameA
GetCurrentProcessId
GetCurrentThreadId
GetFileInformationByHandle
CreateFileW
GetModuleHandleW
EnumResourceTypesW
ExitProcess
UnhandledExceptionFilter
CloseHandle
LoadLibraryW
GetProcAddress
GetLastError
GetVersionExW
msvfw32
ICSendMessage
ICClose
ICOpen
ICDecompress
Sections
.text Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ