b79690bb87a22a410c8724a03087eda8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b79690bb87a22a410c8724a03087eda8_JaffaCakes118
Size

153KB
MD5

b79690bb87a22a410c8724a03087eda8
SHA1

c5a2d9be092275497dbaeec17537c40781a87634
SHA256

b20a5d1a384b8d020cfd16f72190ad94134b5170a35b1f870d47afe681e54de9
SHA512

31bea0d8c569bd3752fcef7151b90b606f17373f77a5ea69943627d4947fa9e3b60c81581e365487db770c428e6afb978d2671041f569e58ae30809d8cb712d5
SSDEEP

3072:fAAvATBn6EU1lytyLWnZRzq3EYtmWTHCP1zAzciK9qnQ2oXHPMBYuxg:MBlUvytyLWPLnWoUQ2MkBY8g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b79690bb87a22a410c8724a03087eda8_JaffaCakes118

Files

b79690bb87a22a410c8724a03087eda8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f949edfa290adad809b7638a08a273aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExA
RemoveDirectoryA
GetLastError
FindClose
InterlockedExchange
SetEvent
ReleaseMutex
GetLocaleInfoA
ResetEvent
GlobalFree
SetErrorMode
LoadLibraryExA
VirtualProtect
GetCommandLineA
GetACP
HeapCreate
GetStdHandle
RaiseException
EnterCriticalSection
Sleep
GetSystemDirectoryA

user32

GetWindowTextA
BeginPaint
GetClassNameA
IsIconic
SetForegroundWindow
FlashWindowEx
SetActiveWindow
FrameRect
GetWindow
GetFocus
DrawTextA
ShowWindow
GetCursorPos
FillRect
ValidateRgn
ReleaseDC
GetParent
EndPaint
wsprintfA

dnsapi

DnsApiFree
DnsStatusString
DnsIsStatusRcode
DnsFree
DnsApiAlloc

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ