b73a125bc66bdf8712566afe6bae2789_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b73a125bc66bdf8712566afe6bae2789_JaffaCakes118
Size

320KB
MD5

b73a125bc66bdf8712566afe6bae2789
SHA1

9795d531a1d13bac4e9e4917df020648e346b9ce
SHA256

aebff3b0f8d85bf408c5cb4ba60fbe2530ddc0b538e3d581c07013d57208bf65
SHA512

77d7d7eaf2366d2991d55deebfb6288808f01f5f4709b10819d342f7e1b5d2a038e7a01708eae59e338b949ca87adc072c7b0975e8954bd7050ee6b3983027f5
SSDEEP

6144:t8UYrEWiGKO9gIFD7py1d/99GxqI7lWA/LtC6DaRNAk93gBdk4mW3:erXMOic1sUxXxWKZLwSSgB2W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b73a125bc66bdf8712566afe6bae2789_JaffaCakes118

Files

b73a125bc66bdf8712566afe6bae2789_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7c133bce2853f79d080c32da9eee078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
CreateIoCompletionPort
GetACP
LoadLibraryExA
GetProcessVersion
GetCurrentThread
GetLogicalDrives
WaitForSingleObject
VirtualProtect
GlobalMemoryStatus
GetEnvironmentStringsA
GetModuleHandleA
HeapDestroy
GetCurrentProcessId
GetStdHandle
InterlockedExchange
HeapCreate
HeapQueryInformation
IsDebuggerPresent
GetTapeStatus
GetProcessHeap

user32

EndPaint
DragDetect
ShowWindow
DrawTextA
SetActiveWindow
GetWindow
GetParent
GetTitleBarInfo
GetCursorPos
BeginPaint
GetClassNameA
GetWindowTextLengthA
ReleaseDC
wsprintfA
GetFocus
SetForegroundWindow
GetDlgItem
FillRect
FrameRect

advapi32

RegEnumKeyA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ