Static task
static1
Behavioral task
behavioral1
Sample
adc976439e938095f64b5591bb58dcba_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
adc976439e938095f64b5591bb58dcba_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
adc976439e938095f64b5591bb58dcba_JaffaCakes118
Size
212KB
MD5
adc976439e938095f64b5591bb58dcba
SHA1
2fbe58bfeba07a61aa0cf073b3302f49df9a71ff
SHA256
bb8e4ec9fdad9bed353b33927e26206dcfa246d45a3c8fde104477f9df3e7d92
SHA512
e93d8df15831c3fe6b6c2bbc672b068417915a633f153f9278100c7b41848597c2d5939e4ffc8de9da511692f03cd7d8e80f28cc738b54443eb4bb1edd0179b6
SSDEEP
3072:vwHgf4WMInuBrYKisVFsdspz1RxqbeotKD0rUsqHiRBlaV4ixZ+S:IHgf4WMCuB1RVFUmR2DKD0oCRBlami/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource adc976439e938095f64b5591bb58dcba_JaffaCakes118
Files
adc976439e938095f64b5591bb58dcba_JaffaCakes118.exe windows:4 windows x86 arch:x86
b610f86b45b1dc31954e5186c88be2ef
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
GetVolumeInformationA
GetStartupInfoA
DefineDosDeviceA
HeapDestroy
lstrcatA
GetProcessPriorityBoost
LocalLock
GetPrivateProfileStructA
IsDebuggerPresent
EscapeCommFunction
CommConfigDialogA
VirtualFreeEx
GetConsoleKeyboardLayoutNameA
VirtualAlloc
GetFullPathNameA
IsBadWritePtr
GetProcessShutdownParameters
DeleteTimerQueueTimer
QueryDosDeviceA
GetLocaleInfoW
MultiByteToWideChar
GetCPInfo
GetCommandLineA
GetTempPathA
shell32
SHGetSpecialFolderPathA
mpr
WNetGetConnectionA
winmm
timeBeginPeriod
timeGetTime
Sections
.idata Size: - Virtual size: 632B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 200KB - Virtual size: 481KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 860B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ