ac9083c2b64580a4fdd2a7ee5e6e58ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac9083c2b64580a4fdd2a7ee5e6e58ba_JaffaCakes118
Size

61KB
MD5

ac9083c2b64580a4fdd2a7ee5e6e58ba
SHA1

c681cd3c2cb3dcd6d82930c4e4046ee1c50e1f25
SHA256

e5fb6caaf0cd4da82f885889b68bc3d8e5b637fa90923be24d828ba06e1a4ee1
SHA512

9ee383cc5cc70cd7561a1184fbb0bb769e1148769eaa5970cf375146a06d8348ebf4719782b95006610585d1b17392aa8172fa8e6858bc5161b3f768a598bbd5
SSDEEP

1536:TPY8YMVuZUVM7/pm772XJXUW6143lDV2UoVOtq1a9pL/tEYs:DY/M8lm7aXJXU4VXaOtK2N/G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac9083c2b64580a4fdd2a7ee5e6e58ba_JaffaCakes118

Files

ac9083c2b64580a4fdd2a7ee5e6e58ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba1301c12b9d88b6888d782ee11768f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
ExitProcess
GetStartupInfoA
GetCurrentProcessId
GetCurrentThread
GetLastError
FreeLibrary
GetPriorityClass
ExitThread
GetCurrentThreadId
GetProcessHeap
LoadLibraryA
GetCommandLineA
GetProcessTimes
Sleep
GetThreadPriority
VirtualAlloc
GetModuleFileNameA
GetTickCount
GetModuleHandleA
CloseHandle

user32

OpenIcon
GetWindowTextA
GetFocus
GetSystemMetrics
GetWindow
BeginPaint
IsWindowVisible
ShowWindow
UpdateWindow
GetForegroundWindow
ReleaseDC
GetWindowTextLengthA
GetWindowLongA
RegisterClassA
GetWindowDC
GetDC
CreateWindowExA
GetActiveWindow
GetClassLongA

advapi32

RegOpenKeyExA
RegCloseKey
GetUserNameA
RegCreateKeyExA
RegQueryValueExA
IsTextUnicode

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerLanguageNameA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE