adfce067108d8766c11387e3fa776509_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adfce067108d8766c11387e3fa776509_JaffaCakes118
Size

815KB
MD5

adfce067108d8766c11387e3fa776509
SHA1

103fe55385cf8f2620fb0302875d8d5322e58854
SHA256

ecbed94fffa5104299b29c716cef3db7c617e86a942f0e61e6124eb02d2a9e8c
SHA512

c53c0160f8f65aeb65ddd0c82dc03e3e45baf843d8eb307f6b23cc678dbc7081af654fe50e2599efbff52ed3b4b13f6162e22398c3dabbeb8c13c7c6f8ab0432
SSDEEP

24576:to/SjOG7mn19Vz/EuidfSX1OElEj2aAFRcX:K07mn1zAJdfewXSa4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adfce067108d8766c11387e3fa776509_JaffaCakes118

Files

adfce067108d8766c11387e3fa776509_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af2a92b216ac14e576ff5686653837a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
WaitForMultipleObjects
FreeEnvironmentStringsA
LoadLibraryExA
CreateFileMappingA
TlsGetValue
FindAtomA
GlobalUnlock
GetConsoleCP
LocalFree
FindClose
GetLastError
HeapCreate
CreateFileA
GetConsoleAliasA
GetCalendarInfoA
CloseHandle
GetACP
LocalLock
GetModuleHandleA

user32

DefWindowProcA
CheckRadioButton
IsWindow
FillRect
GetIconInfo
DispatchMessageA
CallWindowProcA
CascadeWindows
DrawTextA
DrawEdge
GetDlgItem
SetFocus
GetDC
MessageBoxA

setupapi

CM_Add_IDA
SetupCloseLog
CMP_Report_LogOn
CM_Add_Range
SetupCloseInfFile

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ