b4a7a34e066e91e2d111c38f07a409cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4a7a34e066e91e2d111c38f07a409cf_JaffaCakes118
Size

279KB
MD5

b4a7a34e066e91e2d111c38f07a409cf
SHA1

63c70f3fe1e947e86cfea44a7722bee69d9992a9
SHA256

f4222e3e404aeef5699a74c2644a759f4d615d9967810be5837ebac9460f554f
SHA512

a1b78b193139b8f4a907ab9e723e405960bd985a2c070ceec2be119ecdacbd83463a6705eb7ceeafb924b792c96c6ae10adfbcba52fcf5d09d29efe14d608945
SSDEEP

3072:KyDA8tyCiCtCDO7GqDPUzMouzfrYxrQ3d9uj65SVGUCQNlbcK50mmuF4FM5SqWju:JDAAWWVXDczgz1d4hNPNtv4ASqWLP+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4a7a34e066e91e2d111c38f07a409cf_JaffaCakes118

Files

b4a7a34e066e91e2d111c38f07a409cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5611041111551e6bf280e51da00fc63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateThread
EnterCriticalSection
ExitProcess
ExitThread
GetComputerNameA
GetCurrentProcess
GetLocalTime
GetSystemDefaultLCID
GetTickCount
GlobalAlloc
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
LocalFree
LocalReAlloc
MulDiv
OpenEventA
RaiseException
ReadFile
SetEvent
SetFilePointer
Sleep
WaitForSingleObject
WriteConsoleA
lstrcatA
lstrlenA

user32

DeleteMenu
GetAsyncKeyState
GetKeyState
GetWindowLongW
InflateRect
ModifyMenuW
PaintDesktop
PostMessageW
PostThreadMessageW
RegisterClassW
ReleaseDC
SendMessageCallbackW
SetScrollPos

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ