afc544f206938c3bcdc79fb4fb4d0539_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afc544f206938c3bcdc79fb4fb4d0539_JaffaCakes118
Size

210KB
MD5

afc544f206938c3bcdc79fb4fb4d0539
SHA1

0ab99e3ab400f06b8f22b9ef8193981130797a76
SHA256

a244cfed2e4fd4e8edde1467ed45fa238cd75ac65f4ffdb874a777d7b71104d1
SHA512

afa9cd719877ee23055447682118741970f997cbf2731d59e4dddc08fe0105cea190b2fb7f26cc344af856dafce9b4e7b07c5737d49b01d5003cbe8b9b482511
SSDEEP

6144:dFhyNHMswvN/9SrywkrEsYD3PjVT/kio69ZhsnxxyF:XINslBAKA3LRkioUhsxxyF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afc544f206938c3bcdc79fb4fb4d0539_JaffaCakes118

Files

afc544f206938c3bcdc79fb4fb4d0539_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc1366ffe4774e892435a4ff97a27b4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
HeapCreate
GetConsoleCP
WaitForMultipleObjects
GetProfileIntA
GetSystemDefaultLangID
GetStdHandle
AddAtomA
GetModuleHandleA
GetTickCount
HeapReAlloc
LoadLibraryExW
GetCommandLineA
InterlockedExchange
GlobalUnlock
VirtualProtect
lstrlenA
CloseHandle
SuspendThread
GetVersion
CompareFileTime

user32

SetScrollInfo
GetDlgItem
FindWindowA
CopyImage
GetKeyState
InsertMenuA
SetWindowPos
DispatchMessageA
CreateIcon
EnableScrollBar
DrawCaption
InvertRect
CreateCaret
DragObject
CopyRect
CreateMenu
GetCursorInfo
DialogBoxParamA
MessageBoxA
SetPropA
DestroyMenu
IsDialogMessage
CreateCursor
GetKeyboardLayout

advapi32

RegCreateKeyExA
RegEnumValueA
RegEnumKeyA
RegCloseKey
RegQueryInfoKeyA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ