b13563a1878a06e35912d9cd8ecedfaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b13563a1878a06e35912d9cd8ecedfaa_JaffaCakes118
Size

316KB
MD5

b13563a1878a06e35912d9cd8ecedfaa
SHA1

b00c50241237d95d422d115ad3815d11ed08bb17
SHA256

0462015890901a3b3878f7a2ac8db1714a7504778322431cb47c147ac83c1c0c
SHA512

e3dd8476abfd56d95e84ac017aa47893801aca63a665febe87f1fd104f3c6894fdafcddaf81cb2bfc106f1208913d13850cabe9a82fc7fddcc0f74667fa7395c
SSDEEP

6144:nhgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:nhgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b13563a1878a06e35912d9cd8ecedfaa_JaffaCakes118

Files

b13563a1878a06e35912d9cd8ecedfaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddd0aee138c61ac6d0450442577fbd67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
HeapDestroy
DeleteAtom
GetEnvironmentStringsA
LoadLibraryA
InterlockedExchange
GetExpandedNameA
HeapCreate
WriteConsoleA
GetCurrentThread
OpenSemaphoreA
IsDebuggerPresent
FlushFileBuffers
FormatMessageA
GetModuleHandleA
GetStdHandle
GetCurrentProcessId
GetACP
GetTimeFormatA
VirtualProtect
GetCurrentProcess

user32

GetWindowTextLengthA
GetCursorPos
FillRect
wsprintfA
SetForegroundWindow
ReleaseDC
GetDlgItem
IsIconic
EndPaint
GetWindow
ValidateRgn
BeginPaint
DrawTextA
ShowWindow
GetClassNameA
GetFocus
SetActiveWindow
GetParent
FrameRect

linkinfo

GetLinkInfoData
DestroyLinkInfo
GetCanonicalPathInfoA
ResolveLinkInfoA
IsValidLinkInfo

version

GetFileVersionInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ