b20ccb92d092c53f3c621b3d62707640_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b20ccb92d092c53f3c621b3d62707640_JaffaCakes118
Size

207KB
MD5

b20ccb92d092c53f3c621b3d62707640
SHA1

087b8e228230895723fb70abf8947594947928a3
SHA256

ddd8d77ed40714c36f1f199a7cd24b8a33552e18b3b4071766a578f952289744
SHA512

f311ea49d1fd88c22fc86089e03958160ebc7dc26f78e1aa4629957eaa80f9c1255d9e1ae1791a11345e27bd6bc4f9fb09873c1f85659aaa304e7cfed6f486c7
SSDEEP

6144:Pe/jOsSRhGyqBRvmjCJ4rBgFXXdqayr/nYlIW2:PQqsSRiBRGCur+NqXhW2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b20ccb92d092c53f3c621b3d62707640_JaffaCakes118

Files

b20ccb92d092c53f3c621b3d62707640_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a9f4bb2f8e46cd70452487e56557f615

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

IsWindow
GetClientRect
RegisterClassExA
CallWindowProcA
RealGetWindowClassA
EndPaint
IsChild
GetKeyState
SetFocus
BeginPaint
GetParent
GetFocus
IntersectRect
PtInRect
InvalidateRect
UnionRect
UnregisterClassA
CreateWindowExA

kernel32

CreateFiber
InterlockedCompareExchange
ExitProcess
VirtualProtect
UnhandledExceptionFilter
VirtualQuery
VirtualAlloc
ResumeThread
IsProcessorFeaturePresent
GetProcAddress
EnumResourceNamesA
SetUnhandledExceptionFilter
LoadLibraryA
VirtualFree
TerminateProcess
GetLocaleInfoA
GetCommandLineA
HeapAlloc
SetThreadPriority
HeapSize
RtlUnwind
GetSystemInfo
HeapReAlloc
HeapDestroy
GetACP
WriteFile

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ