Static task: static1
Behavioral task: behavioral1
Sample: b78faf12ccde43bb27d034f8bf88a6c4_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b78faf12ccde43bb27d034f8bf88a6c4_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b78faf12ccde43bb27d034f8bf88a6c4_JaffaCakes118
Size: 168KB
MD5: b78faf12ccde43bb27d034f8bf88a6c4
SHA1: 45aecc0147691c5683e9b51638a2ceb505d0001f
SHA256: c47d5829915cc5cb0c2e1cf8c14a7ba38b74af28c2767dbabe1bd561002d5eba
SHA512: 73a339f2276e46bef0b9b80696e7c34a1caedfe63e1d57076dc5fe4f911c81e028ed1ae33187f37c89a1610d8e6a49ca900c19f9257589919000ce44596bab3a
SSDEEP: 3072:fwkt+I9RD+Z8Cbj1BJGFTo5TpM+VjgeJGUuyRZDk44bnLdFex5:AI9R+FBlM+VjgSy4cG5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b78faf12ccde43bb27d034f8bf88a6c4_JaffaCakes118
Files
b78faf12ccde43bb27d034f8bf88a6c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
5d1033a42a02e023c7b60e9f4f6b1b37
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetWindowPlacement
GetClientRect
SetCursor
PostMessageW
InvalidateRect
AdjustWindowRectEx
SetRectEmpty
FillRect
kernel32
GetLongPathNameW
GlobalFree
GetLastError
SetThreadContext
GetCurrentProcessId
CloseHandle
EnumResourceTypesW
GetModuleHandleW
LoadLibraryW
ExitProcess
CreateFileW
GetCurrentThreadId
UnhandledExceptionFilter
GetProcAddress
GetVersionExW
advapi32
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegCreateKeyW
RegSetValueExW
RegOpenKeyExW
RegSetValueW
msvfw32
ICClose
ICSendMessage
ICOpen
ICDecompress
Sections
.text Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ